ID CVE-2018-6756
Summary Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
References
Vulnerable Configurations
  • cpe:2.3:a:mcafee:true_key:-:*:*:*:*:windows:*:*
    cpe:2.3:a:mcafee:true_key:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:mcafee:true_key:3.1.9211.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:true_key:3.1.9211.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:true_key:4.0.0.0:*:*:*:*:android:*:*
    cpe:2.3:a:mcafee:true_key:4.0.0.0:*:*:*:*:android:*:*
  • cpe:2.3:a:mcafee:true_key:4.20:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:true_key:4.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:true_key:5.1.165:*:*:*:*:windows:*:*
    cpe:2.3:a:mcafee:true_key:5.1.165:*:*:*:*:windows:*:*
  • cpe:2.3:a:mcafee:true_key:5.1.230.7:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:true_key:5.1.230.7:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 09-10-2019 - 23:42)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm http://service.mcafee.com/FAQDocument.aspx?&id=TS102872
exploit-db 45961
Last major update 09-10-2019 - 23:42
Published 06-12-2018 - 23:29
Last modified 09-10-2019 - 23:42
Back to Top