CVE-2015-3987
Summary
| CVE | CVE-2015-3987 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-05-14 14:59:00 UTC |
| Updated | 2019-02-11 16:11:00 UTC |
| Description | Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors. |
Risk And Classification
Problem Types: CWE-426
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Epo Deep Command | 2.1 | All | All | All |
| Application | Mcafee | Epo Deep Command | 2.2 | All | All | All |
| Application | Mcafee | Epo Deep Command | 2.1 | All | All | All |
| Application | Mcafee | Epo Deep Command | 2.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| McAfee ePO Deep Command CVE-2015-3987 Multiple Local Privilege Escalation Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| McAfee KnowledgeBase - Intel Security - Security Bulletin: ePO Deep Command 2.1 / 2.2 update fixes "Unquoted Executable Path" vulnerability | CONFIRM | kc.mcafee.com | Vendor Advisory |
| McAfee ePolicy Orchestrator Deep Command Unquoted Executable Path Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.