The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) prior to 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee epolicy orchestrator 4.6.3 |
||
mcafee epolicy orchestrator 4.6.2 |
||
mcafee epolicy orchestrator 4.6.5 |
||
mcafee epolicy orchestrator 4.6.4 |
||
mcafee epolicy orchestrator |
||
mcafee epolicy orchestrator 4.6.6 |
||
mcafee epolicy orchestrator 4.6.1 |
||
mcafee epolicy orchestrator 4.6.0 |