CVE-2009-5116

Mcafee Linuxshield < 1.5.1 - Authentication Bypass

Title source: rule

Description

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

References (1)

[Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10007

Scores

EPSS 0.0036

EPSS Percentile 57.8%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

mcafee/linuxshield < 1.5.1

mcafee/linuxshield

Timeline

Published Aug 22, 2012

Tracked Since Feb 18, 2026