Spoofing

2015-02-2317:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.4%

JSON

The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the “Accept connections only from the ePO server” option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an “http-generic-click-jacking” vulnerability.

CPENameOperatorVersion
mcafee_agentle4.8.0
mcafee_agenteq5.0.0

CPE	Name	Operator	Version
	mcafee_agent	le	4.8.0
	mcafee_agent	eq	5.0.0

References

www.securityfocus.com/bid/74873

www.securitytracker.com/id/1031821

kc.mcafee.com/corporate/index?page=content&id=SB10094