CVE-2016-3984

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.

Published: Apr 8, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-3984
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.1
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mcafee / data_loss_prevention_endpoint	-	9.4.0.x
mcafee / agent	-	5.0.2.285.x
mcafee / virusscan_enterprise	-	8.8.0.x
mcafee / host_intrusion_prevention	-	8.0.0.x
mcafee / data_loss_prevention_endpoint	-	9.3.0.x
mcafee / active_response	-	1.1.0.158.x
mcafee / data_exchange_layer	-	2.0.0.430.1.x
mcafee / endpoint_security	-	10.0.1.x

Vulnerability Database

289,697

CVE-2016-3984