{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T21:59:40.265","vulnerabilities":[{"cve":{"id":"CVE-2019-3653","sourceIdentifier":"trellixpsirt@trellix.com","published":"2019-10-09T16:15:16.140","lastModified":"2024-11-21T04:42:18.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool."},{"lang":"es","value":"Una vulnerabilidad de control de acceso inapropiada en la herramienta de Configuración en McAfee Endpoint Security (ENS) versiones anteriores a 10.6.1 Update de octubre 2019, permite al usuario local conseguir acceso a la configuración de seguridad mediante el uso no autorizado de la herramienta de configuración."}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.3,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*","versionStartIncluding":"10.5.0","versionEndIncluding":"10.5.5","matchCriteriaId":"1674A876-8429-40B0-8D32-171C0089FFE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*","versionStartIncluding":"10.6.0","versionEndExcluding":"10.6.1","matchCriteriaId":"53207FA9-42F0-439B-B2FF-C88075012D9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.16.1:-:*:*:*:*:*:*","matchCriteriaId":"7E40346A-9F76-466F-949D-B5DEAACF1B3F"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10299","source":"trellixpsirt@trellix.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10299","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}