Description
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10054
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
11.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-284
Status
published
Products (3)
Intel/Change Control (MCC)
6.1.0 for Linux and earlier
mcafee/application_control
< 6.1.0
mcafee/change_control
< 6.1.0
Published
Mar 14, 2017
Tracked Since
Feb 18, 2026