McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.Referenceshttps://kc.mcafee.com/corporate/index?page=content&id=SB10002https://exchange.xforce.ibmcloud.com/vulnerabilities/78446
