CVE-2016-8006

medium

Trellix

CVSS v3 Base Score

4.4

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

EPSS Score

0.1%

Exploitation probability in 30 days

Top 77% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Confidentiality

None

Integrity

High

Availability

None

Published: January 5, 2017 (3416 days ago)

Last Modified: May 6, 2026

Vendor: Trellix

Source: NVD

Description

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands.

CWE

CWE-264

Affected Products

mcafee security information and event management

References

🔗 www.quantumleap.it 🔗 www.securityfocus.com 🔗 kc.mcafee.com 🔗 www.narthar.it 🔗 www.quantumleap.it

CVE-2016-8006

Vulnerability Report

Description

CWE

Affected Products

References