Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-4883
Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and previous versions, and the ePO Extension for the McAfee Agent (MA) 4.5 up to and including 4.6, allow remote malicious users to inject arbitrary web script or HTML via the (1) instanceId ...
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.2
Mcafee Epolicy Orchestrator Agent 4.6
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 4.6.1
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator Agent 4.5
1 EDB exploit
4.3
CVSSv2
CVE-2013-0141
Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 4.5.7 and 4.6.x prior to 4.6.6 allows remote malicious users to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ di...
Mcafee Epolicy Orchestrator 3.6.0
Mcafee Epolicy Orchestrator 3.5.0
Mcafee Epolicy Orchestrator 4.5.5
Mcafee Epolicy Orchestrator 4.5.4
Mcafee Epolicy Orchestrator 4.0
Mcafee Epolicy Orchestrator 3.6.1
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 4.5.0
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 3.0
Mcafee Epolicy Orchestrator 4.5.3
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.1
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 4.6.2
1 Github repository
4
CVSSv2
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote authenticated malicious user to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4
CVSSv2
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 before 5.10.0 update 4 allows remote unauthenticated malicious user to view sensitive information in plain text via sniffing the traffic between the Agent Handler and t...
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
4
CVSSv2
CVE-2018-6671
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted...
Mcafee Epolicy Orchestrator
1 EDB exploit
4
CVSSv2
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.
Mcafee Epolicy Orchestrator
4
CVSSv2
CVE-2018-6660
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XM...
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
4
CVSSv2
CVE-2015-0921
XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) prior to 4.6.9 and 5.x prior to 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator 5.0.0
Mcafee Epolicy Orchestrator 5.0.1
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.1
4
CVSSv2
CVE-2012-4594
McAfee ePolicy Orchestrator (ePO) 4.6.1 and previous versions allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.
Mcafee Epolicy Orchestrator 4.0
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 3.5.0
Mcafee Epolicy Orchestrator 3.6.0
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 3.6.1
Mcafee Epolicy Orchestrator 4.5.0
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 3.0
3.5
CVSSv2
CVE-2021-31834
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »