Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2015-8765
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and previous versions, 5.0.x, 5.1.x prior to 5.1.3 Hotfix 1106041, and 5.3.x prior to 5.3.1 Hotfix 1106041 allow remote malicious users to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Coll...
Mcafee Epolicy Orchestrator
4.3
CVSSv3
CVE-2020-7318
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator
7.2
CVSSv3
CVE-2017-3980
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and previous versions allows remote authenticated users to execute a command of their choice via an authenticated ePO session.
Mcafee Epolicy Orchestrator
NA
CVE-2015-4559
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) prior to 5.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mcafee Epolicy Orchestrator
4.3
CVSSv3
CVE-2020-7317
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.
Mcafee Epolicy Orchestrator
6.5
CVSSv3
CVE-2018-6671
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted...
Mcafee Epolicy Orchestrator
1 EDB exploit
6.5
CVSSv3
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.
Mcafee Epolicy Orchestrator
10
CVSSv3
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
NA
CVE-2006-3623
Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and previous versions allows remote malicious users to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.
Mcafee Epolicy Orchestrator Agent
NA
CVE-2004-0095
McAfee ePolicy Orchestrator agent allows remote malicious users to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.
Mcafee Epolicy Orchestrator 3.6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »