2 matches found
McAfee Asset Manager ReportsAudit.jsp Input Validation Error (CVE-2014-2587)
An input validation error vulnerability has been reported in McAfee Asset Manager. The vulnerability is due to insufficient input validation on the "user" parameter of "ReportsAudit.jsp". A remote authenticated attacker can exploit this vulnerability to execute SQL commands on the underlying...
CVE-2014-2587
CVE-2014-2587 affects McAfee Asset Manager 6.6, where a flaw in ReportsAudit.jsp allows SQL injection through the user parameter of an audit report. The underlying issue is improper input handling in ReportsAudit.jsp, enabling a remote authenticated user to inject and execute arbitrary SQL comman...