VDB
CVE-2016-8021
CVE-2016-8021
PUBLISHED
CVSS 3.5 LOW
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
EPSS 2.85% · 86.5th percentile
Risk Scores
CVSS 2.0
3.5
EPSS Score
2.85%
86.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mcafee | virusscan_enterprise | 0 |
| Intel | VirusScan Enterprise Linux (VSEL) | * |
Timeline
- Dec 13, 2016 CVE Published
- Dec 13, 2016 PoC Published
- Dec 13, 2016 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Jan 23, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10181&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US advisory
- 94823 vdb
- 1037433 vdb
- https://kc.mcafee.com/corporate/index?page=content&id=SB10181 url
- 40911 exploit
- https://nvd.nist.gov/vuln/detail/CVE-2016-8021 advisory
- https://www.exploit-db.com/exploits/40911 url