McAfee ePolicy Orchestrator 5.10.9

CPE Details

McAfee ePolicy Orchestrator 5.10.9
mcafee
epolicy_orchestrator
5.10.9
2020-12-04
20h34 +00:00
2020-12-04
20h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.9:*:*:*:*:*:*:*

Informations

Vendor

mcafee

Product

epolicy_orchestrator

Version

5.10.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7317 2020-10-14 16h20 +00:00 Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.
4.6
Medium
CVE-2020-7318 2020-10-14 16h20 +00:00 Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
4.6
Medium
CVE-2019-3604 2019-02-01 15h00 +00:00 Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
8.8
High
CVE-2012-4594 2012-08-22 08h00 +00:00 McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.
4