Lucene search
HistoryFeb 23, 2015 - 5:59 p.m.
CVE-2015-2053
mcafee agent
cve-2015-2053
log viewer
clickjacking
web page vulnerability
6.6 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.4%
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the “Accept connections only from the ePO server” option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an “http-generic-click-jacking” vulnerability.
Affected configurations
Node
mcafeemcafee_agentRange≤4.8.0
ORmcafeemcafee_agentMatch5.0.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| mcafee:mcafee_agent | mcafee mcafee agent | le | 4.8.0 |
| mcafee:mcafee_agent | mcafee mcafee agent | eq | 5.0.0 |
Related
kaspersky
kaspersky
KLA10484 Interface spoofing vulnerability in McAfee Agent
2015-02-23 00:00:00
nvd
nvd
CVE-2015-2053
2015-02-23 17:59:10
openvas
openvas
McAfee Agent (MA) Log Viewing Feature Unspecified Clickjacking Vulnerability
2015-03-02 00:00:00
nessus
nessus
prion
prion
Spoofing
2015-02-23 17:59:00
cvelist
cvelist
CVE-2015-2053
2015-02-23 17:00:00
6.6 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.4%
Related for CVE-2015-2053