Download Mcafee Endpoint Encryption Admin Rights
Mcafee Drive Encryption Recovery
Mcafee Drive Encryption Download
First Published: August 13, 2019Impact of Vulnerability:Privilege Escalation (CWE-274)CVE ID:CVE-2019-3637Severity Rating:MediumCVSS v3 Base/Temporal Scores:4.1 / 3.7Recommendations:Install or update to File and Removable Media Protection (FRP) 5.1.0.209Security Bulletin Replacement:NoneAffected Software:FRP 5.x earlier than 5.1.0.209Location of updated software:To receive email notification when this Security Bulletin is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.Article contents:.Vulnerability DescriptionWhen FRP is installed, it includes a plug-in to facilitate user interaction with the McAfee Agent Tray. To exploit this vulnerability, an attacker would need to run McAfee Agent Tray with administrator rights on the target machine. From the elevated McAfee Tray, the attacker can start the FRP console with the same administrator rights and then use the console to start other processes with the same rights.
I'm trying to figure out the exact Admin Rights level a given user needs to change a password via the Endpoint Encryption webHelpdesk (The Administrator's Reset User's Password option, I.E. The last option on the page).I've been playing around with a user, adding rights slowly and it looks like a given user needs all boxes checked off in the 'Servers' section to change a password???!?That just seems. Strange to me, that you have to assign such things as 'Rename Server' 'Delete Server' and 'Clear Audit Log' in order for an admin to change a password. Unless it takes a few minutes for these rights to filter down to the authentication system on the Apache server.
