Lucene search

TrellixCVELIST:CVE-2018-6672

HistoryJun 15, 2018 - 2:00 p.m.

CVE-2018-6672 SB10240 - ePolicy Orchestrator (ePO) - Information disclosure vulnerablity

2018-06-1514:00:00

trellix

www.cve.org

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.3%

JSON

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

CNA Affected

[
  {
    "product": "ePolicy Orchestrator (ePO)",
    "vendor": "McAfee",
    "versions": [
      {
        "lessThan": "5.3.3 with hotfix EPO5xHF1229850",
        "status": "affected",
        "version": "5.3.0 through 5.3.3",
        "versionType": "custom"
      },
      {
        "lessThan": "5.9.1 with hotfix EPO5xHF1229850",
        "status": "affected",
        "version": "5.9.0 through 5.9.1",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securityfocus.com/bid/104485

www.securitytracker.com/id/1041155

kc.mcafee.com/corporate/index?page=content&id=SB10240

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.3%

JSON

Related for CVELIST:CVE-2018-6672