Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator 5.10.0 vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2021-23888
Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.8
CVSSv3
CVE-2021-23889
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.7
CVSSv3
CVE-2022-0859
McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a local malicious user to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.4
CVSSv3
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.4
CVSSv3
CVE-2021-31834
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.9
CVSSv3
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote authenticated malicious user to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.3
CVSSv3
CVE-2022-0862
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to change the password of a compromised session without knowing the existing user's password. This fun...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.1
CVSSv3
CVE-2022-3339
A reflected cross-site scripting (XSS) vulnerability in ePO before 5.10 Update 14 allows a remote unauthenticated malicious user to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted l...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.5
CVSSv3
CVE-2021-23890
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.1
CVSSv3
CVE-2023-3946
A reflected cross-site scripting (XSS) vulnerability in ePO before 5.10 SP1 Update 1allows a remote unauthenticated malicious user to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafte...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »