The log viewer in McAfee Agent (MA) prior to 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote malicious users to conduct clickjacking attacks via a crafted web page, aka an "http-generic-click-jacking" vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee mcafee agent |
||
mcafee mcafee agent 5.0.0 |