Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-6671
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted...
Mcafee Epolicy Orchestrator
1 EDB exploit
4
CVSSv2
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.
Mcafee Epolicy Orchestrator
2.3
CVSSv2
CVE-2020-7317
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.
Mcafee Epolicy Orchestrator
4.3
CVSSv2
CVE-2015-4559
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) prior to 5.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mcafee Epolicy Orchestrator
6.8
CVSSv2
CVE-2019-3604
Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
Mcafee Epolicy Orchestrator
7.5
CVSSv2
CVE-2015-8765
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and previous versions, 5.0.x, 5.1.x prior to 5.1.3 Hotfix 1106041, and 5.3.x prior to 5.3.1 Hotfix 1106041 allow remote malicious users to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Coll...
Mcafee Epolicy Orchestrator
7.5
CVSSv2
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
2.3
CVSSv2
CVE-2020-7318
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator
10
CVSSv2
CVE-2002-0690
Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote malicious users to execute arbitrary code via an HTTP GET request with a URI containing format strings.
Mcafee Epolicy Orchestrator 2.5.1
5
CVSSv2
CVE-2003-0610
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote malicious users to read arbitrary files via a certain HTTP request.
Mcafee Epolicy Orchestrator 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »