Show plain JSON{"containers": {"cna": {"affected": [{"product": "MA for Windows", "vendor": "McAfee LLC", "versions": [{"lessThan": "5.6.6", "status": "affected", "version": "5.6.x", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."}], "datePublic": "2020-09-09T00:00:00", "descriptions": [{"lang": "en", "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-10T09:45:21", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}], "source": {"discovery": "EXTERNAL"}, "title": "Privilege Escalation vulnerability in MA for Windows", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "DATE_PUBLIC": "2020-09-09T00:00:00.000Z", "ID": "CVE-2020-7311", "STATE": "PUBLIC", "TITLE": "Privilege Escalation vulnerability in MA for Windows"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MA for Windows", "version": {"version_data": [{"version_affected": "<", "version_name": "5.6.x", "version_value": "5.6.6"}]}}]}, "vendor_name": "McAfee LLC"}]}}, "credit": [{"lang": "eng", "value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269: Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:25:48.970Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}]}]}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2020-7311", "datePublished": "2020-09-10T09:45:21.474269Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-17T01:31:44.215Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat