CVE-2023-0221
First published: Fri Jan 13 2023(Updated: )
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.
Credit: trellixpsirt@trellix.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Application and Change Control | <8.3.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for the product security bypass vulnerability in ACC?
The vulnerability ID for the product security bypass vulnerability in ACC is CVE-2023-0221.
What is the severity of CVE-2023-0221?
The severity of CVE-2023-0221 is medium with a severity value of 4.4.
What software versions are affected by CVE-2023-0221?
The ACC versions prior to 8.3.4 are affected by CVE-2023-0221.
How does the vulnerability in ACC allow a locally logged-in attacker to bypass execution controls?
The vulnerability in ACC allows a locally logged-in attacker with administrator privileges to bypass execution controls using the utilman program.
How can I fix the vulnerability in ACC?
To fix the vulnerability in ACC, update to version 8.3.4 or later.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mcafee
- canonical/mcafee application and change control