Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-4559
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) prior to 5.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mcafee Epolicy Orchestrator
4
CVSSv2
CVE-2018-6671
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted...
Mcafee Epolicy Orchestrator
1 EDB exploit
4
CVSSv2
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.
Mcafee Epolicy Orchestrator
2.3
CVSSv2
CVE-2020-7317
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.
Mcafee Epolicy Orchestrator
2.3
CVSSv2
CVE-2020-7318
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator
6.5
CVSSv2
CVE-2017-3980
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and previous versions allows remote authenticated users to execute a command of their choice via an authenticated ePO session.
Mcafee Epolicy Orchestrator
7.5
CVSSv2
CVE-2015-8765
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and previous versions, 5.0.x, 5.1.x prior to 5.1.3 Hotfix 1106041, and 5.3.x prior to 5.3.1 Hotfix 1106041 allow remote malicious users to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Coll...
Mcafee Epolicy Orchestrator
7.5
CVSSv2
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
10
CVSSv2
CVE-2002-0690
Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote malicious users to execute arbitrary code via an HTTP GET request with a URI containing format strings.
Mcafee Epolicy Orchestrator 2.5.1
5
CVSSv2
CVE-2006-3623
Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and previous versions allows remote malicious users to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.
Mcafee Epolicy Orchestrator Agent
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »