CVE Vulnerabilities

CVE-2009-5116

Improper Authentication

Published: Aug 22, 2012 | Modified: Aug 22, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Linuxshield Mcafee * 1.5.1
Linuxshield Mcafee 1.5 1.5

Potential Mitigations

References