{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-08-22T10:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4593", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:42:54.685Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4593", "datePublished": "2012-08-22T10:00:00Z", "dateReserved": "2012-08-22T00:00:00Z", "dateUpdated": "2024-09-17T01:31:53.366Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:application_control:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "37E89808-3EB2-4F9B-90AA-DC4573896541", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_control:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD9FA589-11BC-47F0-9189-3C0DD0AE4185", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_control:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "ACD3B886-748C-4F22-BEEF-FEFDEC4EC495", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_control:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E1E9C4E2-83FC-4408-85DB-AB5035A3DDE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:change_control:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "14A630BB-38D6-4840-9B5C-5E0453B8E5B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:change_control:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "646BE239-A957-433E-884D-366ED805FCF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:change_control:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "57F0EE98-D18F-4FB8-BE9D-D1C0A186E70D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:change_control:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9970307E-0CD7-4AB3-AB31-BC18B55D1C9F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."}, {"lang": "es", "value": "McAfee Application Control y Change Control v5.1.x y v6.0.0 no refuerza los requisitos de la contrase\u00f1a establecida en ciertas situaciones que implican atributos en la contrase\u00f1a del fichero, lo que permite a usuarios locales evitar la autenticaci\u00f3n ejecutando un comando."}], "id": "CVE-2012-4593", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-22T10:42:05.320", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10023"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}