CPE Details
McAfee Endpoint Security for Linux Threat Prevention (ENSLTP) 10.2.3 for Linux
10.2.3
2022-08-02
13h15 +00:00
13h15 +00:00
2022-08-02
13h22 +00:00
13h22 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:mcafee:endpoint_security_for_linux_threat_prevention:10.2.3:*:*:*:*:linux:*:*
Informations
Vendor
mcafeeProduct
endpoint_security_for_linux_threat_preventionVersion
10.2.3Target Software
linuxRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files. | 5.3 |
Medium |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.