CVE-2018-6693
5.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Summary
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee | Endpoint Security for Linux Threat Prevention (ENSLTP) | 10.5.0 | affected |
| McAfee | Endpoint Security for Linux Threat Prevention (ENSLTP) | 10.5.1 10.5.0 | affected |
| McAfee | Endpoint Security for Linux Threat Prevention (ENSLTP) | 10.2.3 Hotfix 1246778 <= 10.2.3 Hotfix 1246778 | affected |
Weaknesses
- CWE-363: Race Condition Enabling Link Following (CWE-363)
- CWE-274: Privilege Escalation (CWE-274)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.