CVE-2019-3653

Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.

Published: Oct 9, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-3653
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mcafee / endpoint_security	10.5.0	10.5.5.x
mcafee / endpoint_security	10.6.0	10.6.1
mcafee / endpoint_security	10.16.1	10.16.1.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10299

Vulnerability Database

289,697

CVE-2019-3653