Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Drive Encryption (MDE) by McAfee

    CVE-2018-6686 (GCVE-0-2018-6686)

    Vulnerability from nvd – Published: 2018-07-27 13:00 – Updated: 2024-08-05 06:10
    VLAI
    Title
    Drive Encryption (MDE) - Authentication Bypass vulnerability
    Summary
    Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances.
    CWE
    • Authentication Bypass vulnerability
    Assigner
    References
    Impacted products
    Vendor Product Version
    McAfee Drive Encryption (MDE) Affected: 7.1.0 , < 7.1.0* (custom)
    Affected: 7.1.3.634 , < 7.1.3.634 (custom)
    Affected: 7.2.0 , < 7.2.0* (custom)
    Affected: 7.2.6 , < 7.2.6 (custom)
    Create a notification for this product.
    Date Public
    2018-07-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:10:10.705Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x86"
              ],
              "product": "Drive Encryption (MDE)",
              "vendor": "McAfee",
              "versions": [
                {
                  "lessThan": "7.1.0*",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.3.634",
                  "status": "affected",
                  "version": "7.1.3.634",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.0*",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.6",
                  "status": "affected",
                  "version": "7.2.6",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Bypass vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-27T12:57:01.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
            }
          ],
          "source": {
            "advisory": "SB10242",
            "discovery": "USER"
          },
          "title": "Drive Encryption (MDE) - Authentication Bypass vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@mcafee.com",
              "ID": "CVE-2018-6686",
              "STATE": "PUBLIC",
              "TITLE": "Drive Encryption (MDE) - Authentication Bypass vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Drive Encryption (MDE)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003e=",
                                "platform": "x86",
                                "version_affected": "\u003e=",
                                "version_name": "7.1.0",
                                "version_value": "7.1.0"
                              },
                              {
                                "affected": "\u003c",
                                "platform": "x86",
                                "version_affected": "\u003c",
                                "version_name": "7.1.3.634",
                                "version_value": "7.1.3.634"
                              },
                              {
                                "affected": "\u003e=",
                                "platform": "x86",
                                "version_affected": "\u003e=",
                                "version_name": "7.2.0",
                                "version_value": "7.2.0"
                              },
                              {
                                "affected": "\u003c",
                                "platform": "x86",
                                "version_affected": "\u003c",
                                "version_name": "7.2.6",
                                "version_value": "7.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "McAfee"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Bypass vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
                }
              ]
            },
            "source": {
              "advisory": "SB10242",
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2018-6686",
        "datePublished": "2018-07-27T13:00:00.000Z",
        "dateReserved": "2018-02-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:10:10.705Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6686 (GCVE-0-2018-6686)

    Vulnerability from cvelistv5 – Published: 2018-07-27 13:00 – Updated: 2024-08-05 06:10
    VLAI
    Title
    Drive Encryption (MDE) - Authentication Bypass vulnerability
    Summary
    Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances.
    CWE
    • Authentication Bypass vulnerability
    Assigner
    References
    Impacted products
    Vendor Product Version
    McAfee Drive Encryption (MDE) Affected: 7.1.0 , < 7.1.0* (custom)
    Affected: 7.1.3.634 , < 7.1.3.634 (custom)
    Affected: 7.2.0 , < 7.2.0* (custom)
    Affected: 7.2.6 , < 7.2.6 (custom)
    Create a notification for this product.
    Date Public
    2018-07-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:10:10.705Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x86"
              ],
              "product": "Drive Encryption (MDE)",
              "vendor": "McAfee",
              "versions": [
                {
                  "lessThan": "7.1.0*",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.3.634",
                  "status": "affected",
                  "version": "7.1.3.634",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.0*",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.6",
                  "status": "affected",
                  "version": "7.2.6",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Bypass vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-27T12:57:01.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
            }
          ],
          "source": {
            "advisory": "SB10242",
            "discovery": "USER"
          },
          "title": "Drive Encryption (MDE) - Authentication Bypass vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@mcafee.com",
              "ID": "CVE-2018-6686",
              "STATE": "PUBLIC",
              "TITLE": "Drive Encryption (MDE) - Authentication Bypass vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Drive Encryption (MDE)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003e=",
                                "platform": "x86",
                                "version_affected": "\u003e=",
                                "version_name": "7.1.0",
                                "version_value": "7.1.0"
                              },
                              {
                                "affected": "\u003c",
                                "platform": "x86",
                                "version_affected": "\u003c",
                                "version_name": "7.1.3.634",
                                "version_value": "7.1.3.634"
                              },
                              {
                                "affected": "\u003e=",
                                "platform": "x86",
                                "version_affected": "\u003e=",
                                "version_name": "7.2.0",
                                "version_value": "7.2.0"
                              },
                              {
                                "affected": "\u003c",
                                "platform": "x86",
                                "version_affected": "\u003c",
                                "version_name": "7.2.6",
                                "version_value": "7.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "McAfee"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Bypass vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10242"
                }
              ]
            },
            "source": {
              "advisory": "SB10242",
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2018-6686",
        "datePublished": "2018-07-27T13:00:00.000Z",
        "dateReserved": "2018-02-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:10:10.705Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }