CVE-2016-8007

MEDIUM

McAfee HIPS <8.0.7 - Auth Bypass

Title source: llm

Description

Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions.

Exploits (1)

nomisec WORKING POC 1 stars

by dmaasland · poc

https://github.com/dmaasland/mcafee-hip-CVE-2016-8007

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/93813

[Mitigation, Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10173

Scores

CVSS v3 6.3

EPSS 0.0014

EPSS Percentile 34.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Classification

CWE

CWE-284

Status published

Affected Products (2)

mcafee/host_intrusion_prevention_services < 8.0

Intel/Host Intrusion Prevention Services (HIPS) < 8.0 Patch 7 and earlier

Timeline

Published Mar 14, 2017

Tracked Since Feb 18, 2026