Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-6659
Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input.
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
NA
CVE-2003-0148
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 up to and including 3.0 allows malicious users to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO serv...
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 3.0
Mcafee Epolicy Orchestrator 2.0
5.4
CVSSv3
CVE-2017-3902
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.2
Mcafee Epolicy Orchestrator 5.1.1
Mcafee Epolicy Orchestrator 5.1.3
4.9
CVSSv3
CVE-2018-6660
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XM...
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
NA
CVE-2004-0038
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote malicious users to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 3.0
4.9
CVSSv3
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 before 5.10.0 update 4 allows remote unauthenticated malicious user to view sensitive information in plain text via sniffing the traffic between the Agent Handler and t...
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
NA
CVE-2003-0149
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request containing long parameters.
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 2.5.1
NA
CVE-2003-0616
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
NA
CVE-2007-1498
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) prior to 3.6.1 Patch 1 and ProtectionPilot (PRP) prior to 1.5.0 HotFix allow remote malicious users to execute a...
Mcafee Epolicy Orchestrator 3.5.0
Mcafee Epolicy Orchestrator 3.6.0
Mcafee Epolicy Orchestrator 3.6.1
Mcafee Protectionpilot 1.1.1
Mcafee Protectionpilot 1.5.0
5.4
CVSSv3
CVE-2021-31834
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »