CVE-2009-5115

McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
mcafeecommon_management_agent
3.5.5.438
mcafeecommon_management_agent
3.5.5.568
mcafeecommon_management_agent
3.5.5.577
mcafeecommon_management_agent
3.5.5.580
mcafeecommon_management_agent
3.5.5.588
mcafeecommon_management_agent
3.6.0.438
mcafeecommon_management_agent
3.6.0.453
mcafeecommon_management_agent
3.6.0.546
mcafeecommon_management_agent
3.6.0.569
mcafeecommon_management_agent
3.6.0.574
mcafeecommon_management_agent
3.6.0.595
mcafeecommon_management_agent
3.6.0.603
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/78446
https://kc.mcafee.com/corporate/index?page=content&id=SB10002
https://exchange.xforce.ibmcloud.com/vulnerabilities/78446
https://kc.mcafee.com/corporate/index?page=content&id=SB10002