CVE-2019-3653

Summary

Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCMcAfee Endpoint Security (ENS)10.6.x < 10.6.1affected
McAfee, LLCMcAfee Endpoint Security (ENS)10.5.x < 10.5.5affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References