Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee advanced threat defense vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0978
A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and previous versions, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of argu...
Mcafee Advanced Threat Defense
Trellix Intelligent Sandbox 5.2
Trellix Intelligent Sandbox 5.0
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1166 Github repositories
28 Articles
4
CVSSv2
CVE-2020-7269
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) before 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD ins...
Mcafee Advanced Threat Defense
4
CVSSv2
CVE-2020-7270
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) before 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD ins...
Mcafee Advanced Threat Defense
2.1
CVSSv2
CVE-2020-7262
Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) before 4.10.0 allows local users to view sensitive files via a carefully crafted HTTP request parameter.
Mcafee Advanced Threat Defense
4.6
CVSSv2
CVE-2020-7254
Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x before 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command.
Mcafee Advanced Threat Defense
6.5
CVSSv2
CVE-2019-3661
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) before 4.8 allows remote authenticated malicious user to execute database commands via carefully constructed time based payloads.
Mcafee Advanced Threat Defense
2.1
CVSSv2
CVE-2019-3663
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) before 4.8 allows local malicious user to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further inves...
Mcafee Advanced Threat Defense
1 Github repository
4
CVSSv2
CVE-2019-3662
Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) before 4.8 allows remote authenticated malicious user to gain unintended access to files on the system via carefully constructed HTTP requests.
Mcafee Advanced Threat Defense
6.5
CVSSv2
CVE-2019-3651
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD before 4.8 allows remote authenticated malicious users to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.
Mcafee Advanced Threat Defense
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »