CVE-2016-8007

medium

Published 2017-03-14 · Modified 2026-05-13

CVSS v3

6.3

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

CVSS v2

3.0

VIR risk

6.3

Description

Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions.

Predictions

Exploit likelihood

63%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@intel.com — https://kc.mcafee.com/corporate/index?page=content&id=SB10173

Application impact

Vendor	Product	Versions	Fixed
mcafee	host_intrusion_prevention_services	`{"endIncluding":"8.0"}`

References

http://www.securityfocus.com/bid/93813
https://kc.mcafee.com/corporate/index?page=content&id=SB10173
http://www.securityfocus.com/bid/93813
https://kc.mcafee.com/corporate/index?page=content&id=SB10173

CWEs

CWE-284

Verify integrity in audit chain (admin only). AS-IS.