CVE-2018-6671

🗓️ 15 Jun 2018 14:00:00Reported by trellixType

Application Protection Bypass vulnerability in McAfee ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass security protection via HTTP reques

Reporter	Title	Published	Views	Family All 9
0day.today	McAfee ePO 5.9.1 - Registered Executable Local Access Bypass Vulnerability	10 Mar 201900:00	–	zdt
CNVD	McAfee ePolicy Orchestrator Access Bypass Vulnerability	20 Jun 201800:00	–	cnvd
Cvelist	CVE-2018-6671 SB10240 - ePolicy Orchestrator (ePO) - Application Protection Bypass vulnerability	15 Jun 201814:00	–	cvelist
Exploit DB	McAfee ePO 5.9.1 - Registered Executable Local Access Bypass	8 Mar 201900:00	–	exploitdb
EUVD	EUVD-2018-18418	7 Oct 202500:30	–	euvd
exploitpack	McAfee ePO 5.9.1 - Registered Executable Local Access Bypass	8 Mar 201900:00	–	exploitpack
NVD	CVE-2018-6671	15 Jun 201814:29	–	nvd
Packet Storm	McAfee ePO 5.9.1 Registered Executable Local Access Bypass	8 Mar 201900:00	–	packetstorm
Prion	Security feature bypass	15 Jun 201814:29	–	prion

NVD

Node

mcafee epolicy_orchestratorRange5.3.0–5.3.3

mcafee epolicy_orchestratorRange5.9.0–5.9.1

[
  {
    "product": "ePolicy Orchestrator (ePO)",
    "vendor": "McAfee",
    "versions": [
      {
        "lessThan": "5.3.3 with hotfix EPO5xHF1229850",
        "status": "affected",
        "version": "5.3.0 through 5.3.3",
        "versionType": "custom"
      },
      {
        "lessThan": "5.9.1 with hotfix EPO5xHF1229850",
        "status": "affected",
        "version": "5.9.0 through 5.9.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kc	www.kc.mcafee.com/corporate/index
securitytracker	www.securitytracker.com/id/1041155
securityfocus	www.securityfocus.com/bid/104485
exploit-db	www.exploit-db.com/exploits/46518/

21 Nov 2024 04:11Current

5.2Medium risk

Vulners AI Score5.2

CVSS 24

CVSS 34.7 - 6.5

EPSS0.01047