cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-31833,https://securityvulnerability.io/vulnerability/CVE-2021-31833,Security Bypass Vulnerability in McAfee Application and Change Control,"A security bypass vulnerability exists in McAfee Application and Change Control (MACC) which may allow a locally logged-in attacker to circumvent built-in application solidification protections. This could enable the attacker to execute applications that MACC normally prevents. The attack necessitates the renaming of a specified binary to match the name of a configured updater and entails a specific sequence of manipulations to successfully execute the renamed binary, thereby undermining the integrity of the application control mechanisms.","Mcafee,llc",Mcafee Application And Change Control (macc),7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-04T09:45:12.000Z,0
CVE-2020-7334,https://securityvulnerability.io/vulnerability/CVE-2020-7334,Improper privilege assignment vulnerability in the installer component of MACC,Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.,"Mcafee,llc",Mcafee Application And Change Control (macc),7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-15T00:00:00.000Z,0
CVE-2020-7309,https://securityvulnerability.io/vulnerability/CVE-2020-7309,Cross Site Scripting vulnerability in ePO extension of MACC,Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.,"Mcafee, Llc",Mcafee Application And Change Control,3.9,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-08-26T06:15:00.000Z,0
CVE-2020-7260,https://securityvulnerability.io/vulnerability/CVE-2020-7260,MACC installer DLL side loading,DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.,"Mcafee, Llc",Mcafee Application And Change Control (macc),7.3,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2020-03-26T13:15:00.000Z,0
CVE-2018-6668,https://securityvulnerability.io/vulnerability/CVE-2018-6668,Bypass Application Control with simple DLL,"A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell.",Mcafee,Application And Change Control,6.1,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-12-31T18:00:00.000Z,0
CVE-2018-6669,https://securityvulnerability.io/vulnerability/CVE-2018-6669,Bypass Application Control through an ASP.NET form,A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form.,Mcafee,Application And Change Control,6.3,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2018-12-20T14:00:00.000Z,0
CVE-2017-3912,https://securityvulnerability.io/vulnerability/CVE-2017-3912,"McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass ",Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.,Mcafee,Mcafee Application Control And Change Control (macc),4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-09-18T22:00:00.000Z,0
CVE-2012-4593,https://securityvulnerability.io/vulnerability/CVE-2012-4593,,"McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.",Mcafee,"Application Control,Change Control",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2012-08-22T10:42:00.000Z,0