CVE Vulnerabilities

CVE-2021-23880

Published: Feb 10, 2021 | Modified: Nov 16, 2023

CVSS 3.x

4.4

MEDIUM

Source:

NVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS 2.x

2.1 LOW

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-23880
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.

Affected Software

Name	Vendor	Start Version	End Version
Endpoint_security	Mcafee	*	10.7.0 (excluding)

References

https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10345

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.