CVE-2018-6706

Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
mcafeeagent
5.0.0 ≤
𝑥
≤ 5.0.6
mcafeeagent
5.5.0
mcafeeagent
5.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/106328
https://kc.mcafee.com/corporate/index?page=content&id=SB10260
http://www.securityfocus.com/bid/106328
https://kc.mcafee.com/corporate/index?page=content&id=SB10260