CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.

Published: Aug 22, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-4593
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
mcafee / application_control	5.1.1	5.1.1.x
mcafee / change_control	5.1.0	5.1.0.x
mcafee / change_control	6.0.0	6.0.0.x
mcafee / change_control	5.1.1	5.1.1.x
mcafee / change_control	5.1.2	5.1.2.x
mcafee / application_control	5.1.0	5.1.0.x
mcafee / application_control	5.1.2	5.1.2.x
mcafee / application_control	6.0.0	6.0.0.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10023

Vulnerability Database

289,599

CVE-2012-4593