Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-13	CVE-2023-0221	Improper Privilege Management vulnerability in Mcafee Application and Change Control Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. local low complexity mcafee CWE-269	4.4
2020-08-26	CVE-2020-7309	Cross-site Scripting vulnerability in Mcafee Application and Change Control Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section. network low complexity mcafee CWE-79	4.8