Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator 5.10.0 vulnerabilities and exploits
(subscribe to this query)
3.8
CVSSv3
CVE-2022-0861
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote administrator malicious user to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential i...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
8
CVSSv3
CVE-2023-5444
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator before 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.4
CVSSv3
CVE-2023-5445
An open redirect vulnerability in ePolicy Orchestrator before 5.10.0 CP1 Update 2, allows a remote low privileged user to modify the URL parameter for the purpose of redirecting URL request(s) to a malicious site. This impacts the dashboard area of the user interface. A user wou...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.1
CVSSv3
CVE-2022-0857
A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully c...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.3
CVSSv3
CVE-2022-0862
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to change the password of a compromised session without knowing the existing user's password. This fun...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.4
CVSSv3
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.9
CVSSv3
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 before 5.10.0 update 4 allows remote unauthenticated malicious user to view sensitive information in plain text via sniffing the traffic between the Agent Handler and t...
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
3.7
CVSSv3
CVE-2021-2432
Vulnerability in the Java SE product of Oracle Java SE (component: JNDI). The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful atta...
Oracle Jdk 1.7.0
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.5
CVSSv3
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache Http Server
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Netapp Cloud Backup -
3.7
CVSSv3
CVE-2019-2842
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful ...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Hp Xp7 Command View
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »