### [CVE-2016-8023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8023)
![](https://img.shields.io/static/v1?label=Product&message=VirusScan%20Enterprise%20Linux%20(VSEL)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.0.3%20(and%20earlier)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Authentication%20bypass%20by%20assumed-immutable%20data%20vulnerability&color=brightgreen)

### Description

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10181
- https://www.exploit-db.com/exploits/40911/

#### Github
- https://github.com/opsxcq/exploit-CVE-2016-8016-25