First published: Tue Mar 14 2017(Updated: )
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
McAfee VirusScan Enterprise | <=2.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-8023 has been rated as a critical vulnerability due to its potential for allowing remote unauthenticated attackers to bypass authentication.
To fix CVE-2016-8023, upgrade to Intel Security VirusScan Enterprise Linux version 2.0.4 or later, where the vulnerability has been addressed.
CVE-2016-8023 affects Intel Security VirusScan Enterprise Linux version 2.0.3 and earlier.
Yes, CVE-2016-8023 can be exploited remotely by attackers using a crafted authentication cookie.
CVE-2016-8023 is classified as an authentication bypass vulnerability.