CVE-2013-7461

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.

Published: Mar 14, 2017
Updated: Apr 13, 2023
CVE: CVE-2013-7461
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mcafee / change_control	-	6.1.0.x
mcafee / application_control	-	6.1.0.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10054

Vulnerability Database

289,697

CVE-2013-7461