CVE-2021-23873

MEDIUM Year: 2021
CVSS v3 Score
6.1
Medium
CVSS v2 Score
3.6
Low
Weakness Type
CWE-59
View all →

Vulnerability Description

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time.

Related Vulnerabilities

CVE-2013-1866

MEDIUM
CVSS:6.1(Medium)

OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability

CWE-592013

CVE-2013-1867

MEDIUM
CVSS:6.1(Medium)

Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability

CWE-592013

CVE-2015-5700

MEDIUM
CVSS:6.1(Medium)

mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.

CWE-592015

CVE-2015-5701

MEDIUM
CVSS:6.1(Medium)

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a...

CWE-592015

CVE-2017-12258

MEDIUM
CVSS:6.1(Medium)

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists be...

CWE-592017

CVE-2020-26277

MEDIUM
CVSS:6.1(Medium)

DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2, users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files e...

CWE-592020