How severe is CVE-2021-23882?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2021-23882?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2021-23882 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.

Related Vulnerabilities

CVE-2018-12261

MEDIUM

CVSS:4.4(Medium)

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.

CWE-2692018

CVE-2018-1368

MEDIUM

CVSS:4.4(Medium)

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so...

CWE-2692018

CVE-2021-23880

MEDIUM

CVSS:4.4(Medium)

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of th...

CWE-2692021

CVE-2021-31581

MEDIUM

CVSS:4.4(Medium)

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which...

CWE-2692021

CVE-2022-27840

MEDIUM

CVSS:4.4(Medium)

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

CWE-2692022

CVE-2022-30610

MEDIUM

CVSS:4.4(Medium)

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An adm...

CWE-2692022