CVE-2012-4593

McAfee Application Control and Change Control <6.0.0 - Auth Bypass

Title source: llm

Description

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.

References (1)

[Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10023

Scores

EPSS 0.0023

EPSS Percentile 45.7%

Classification

CWE

CWE-264

Status draft

Affected Products (8)

mcafee/application_control

mcafee/change_control

Timeline

Published Aug 22, 2012

Tracked Since Feb 18, 2026