CVE-2018-6703
9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee, LLC | McAfee Agent | 5.x < 5.6.0 | affected |
Weaknesses
- Use After Free
Workarounds
Remote logging is disabled by default. Turning off remote logging protects against this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.