CVE-2014-8518
McAfee Endpoint Encryption for Files and Folders 3.2.x-4.2.x - Password Brute Force via Hard-Coded Salt
Title source: llmDescription
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10089
Scores
EPSS
0.0003
EPSS Percentile
9.4%
Details
CWE
CWE-255
Status
published
Products (21)
mcafee/endpoint_encryption_for_files_and_folders
3.2.0.0
mcafee/endpoint_encryption_for_files_and_folders
3.2.1.0
mcafee/endpoint_encryption_for_files_and_folders
3.2.2.0
mcafee/endpoint_encryption_for_files_and_folders
3.2.4.1
mcafee/endpoint_encryption_for_files_and_folders
3.2.5.0
mcafee/endpoint_encryption_for_files_and_folders
3.2.6
mcafee/endpoint_encryption_for_files_and_folders
3.2.6.3
mcafee/endpoint_encryption_for_files_and_folders
3.2.7
mcafee/endpoint_encryption_for_files_and_folders
3.2.7.0
mcafee/endpoint_encryption_for_files_and_folders
3.2.8
... and 11 more
Published
Oct 29, 2014
Tracked Since
Feb 18, 2026