McAfee ePolicy Orchestrator < 4.6.7 Hotfix 940148 XXE Vulnerability

McAfee ePolicy Orchestrator is prone to an XML external entity XXE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-2205

The Import and Export Framework in McAfee ePolicy Orchestrator ePO before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity XXE issue...