CVE-2020-7251

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.

Published: Feb 14, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-7251
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
mcafee / endpoint_security	-	10.6.1

https://kc.mcafee.com/corporate/index?page=content&id=SB10299

Vulnerability Database

289,697

CVE-2020-7251