Lucene search

K
nvd[email protected]NVD:CVE-2015-2053
HistoryFeb 23, 2015 - 5:59 p.m.

CVE-2015-2053

2015-02-2317:59:10
CWE-20
web.nvd.nist.gov
4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

69.4%

The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the “Accept connections only from the ePO server” option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an “http-generic-click-jacking” vulnerability.

Affected configurations

Nvd
Node
mcafeemcafee_agentRange4.8.0
OR
mcafeemcafee_agentMatch5.0.0
VendorProductVersionCPE
mcafeemcafee_agent*cpe:2.3:a:mcafee:mcafee_agent:*:*:*:*:*:*:*:*
mcafeemcafee_agent5.0.0cpe:2.3:a:mcafee:mcafee_agent:5.0.0:*:*:*:*:*:*:*

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

69.4%

Related for NVD:CVE-2015-2053