Published: 15/06/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 405

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 up to and including 5.3.3 and 5.9.0 up to and including 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcafee epolicy orchestrator

# Exploit Title: McAfee ePO 591 Registered Executable Local Access Bypass # Date: 2019-03-07 # Exploit Author: @leonjza # Vendor Homepage: wwwmcafeecom/ # Software Link: wwwmcafeecom/enterprise/en-us/products/epolicy-orchestratorhtml # Version: ePO v591 # Tested on: Windows Server 2012 # CVE : cve-2018-6671 GIST LINK: http ...

McAfee ePO version 591 suffers from a local access bypass vulnerability ...

NVD-CWE-noinfo http://www.securityfocus.com/bid/104485 https://kc.mcafee.com/corporate/index?page=content&id=SB10240 https://www.exploit-db.com/exploits/46518/http://www.securitytracker.com/id/1041155 https://nvd.nist.gov https://www.exploit-db.com/exploits/46518

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-6671

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect