Vulnerabilities > Mcafee > Application AND Change Control > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2023-0221 Improper Privilege Management vulnerability in Mcafee Application and Change Control
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.
local
low complexity
mcafee CWE-269
4.4
2020-08-26 CVE-2020-7309 Cross-site Scripting vulnerability in Mcafee Application and Change Control
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.
network
low complexity
mcafee CWE-79
4.8