CVE-2016-8006 - OpenCVE

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee	Security Information And Event Management

Configuration 1 [-]

cpe:2.3:a:mcafee:security_information_and_event_management:*:mr3:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/
http://www.securityfocus.com/bid/95313
https://kc.mcafee.com/corporate/index?page=content&id=KB87744
https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2017-01-05T22:00:00

Updated: 2024-08-06T02:13:21.599Z

Reserved: 2016-09-09T00:00:00

Link: CVE-2016-8006

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-01-05T22:59:00.250

Modified: 2017-01-18T02:59:12.657

Link: CVE-2016-8006

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-12T22:57:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=KB87744"}, {"name": "95313", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95313"}, {"tags": ["x_refsource_MISC"], "url": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2016-8006", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html", "refsource": "MISC", "url": "https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=KB87744", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=KB87744"}, {"name": "95313", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95313"}, {"name": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/", "refsource": "MISC", "url": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.599Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=KB87744"}, {"name": "95313", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95313"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2016-8006", "datePublished": "2017-01-05T22:00:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:21.599Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:security_information_and_event_management:*:mr3:*:*:*:*:*:*", "matchCriteriaId": "D9BCB33D-5381-44D0-B0B9-F46D6CAB8CB2", "versionEndIncluding": "9.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands."}, {"lang": "es", "value": "Vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n en Enterprise Security Manager (ESM) y License Manager (LM) en Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 permite a un administrador hacer cambios en la informaci\u00f3n de otros usuarios SIEM incluyendo contrase\u00f1as de usuario sin aportar al administrador actual una contrase\u00f1a por segunda vez a trav\u00e9s de comandos de terminal GUI o GUI."}], "id": "CVE-2016-8006", "lastModified": "2017-01-18T02:59:12.657", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-05T22:59:00.250", "references": [{"source": "secure@intel.com", "url": "http://www.quantumleap.it/mcafee-siem-esm-esmrec-authentication-bypass-vulnerability/"}, {"source": "secure@intel.com", "url": "http://www.securityfocus.com/bid/95313"}, {"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=KB87744"}, {"source": "secure@intel.com", "url": "https://www.narthar.it/DOC/McAfee_SIEM_9.6_Authentication_bypass_vulnerability.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}