Lucene search
HistoryAug 27, 2003 - 4:00 a.m.
CVE-2003-0616
cve-2003-0616
epo service
mcafee
epolicy orchestrator
format string vulnerability
remote code execution
post request
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.9%
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
Affected configurations
Node
mcafeeepolicy_orchestratorMatch2.0
ORmcafeeepolicy_orchestratorMatch2.5
ORmcafeeepolicy_orchestratorMatch2.5sp1
ORmcafeeepolicy_orchestratorMatch2.5.1
Related
nvd
nvd
CVE-2003-0616
2003-08-27 04:00:00
cvelist
cvelist
CVE-2003-0616
2003-08-01 04:00:00
securityvulns
securityvulns
ePolicy Orchestrator multiple vulnerabilities
2003-08-01 00:00:00
nessus
nessus
ePolicy Orchestrator Multiple Remote Vulnerabilities (OF, FS)
2003-07-31 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.9%
Related for CVE-2003-0616