4 matches found
McAfee ePolicy Orchestrator SQL Injection Vulnerability
McAfee ePolicy Orchestrator is prone to a blind SQL injection vulnerability SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator ePO 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a...
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator ePO 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a...
CVE-2016-8027
Summary: CVE-2016-8027 is a SQL injection in McAfee ePolicy Orchestrator (ePO) where the Agent GUID is used to build a SQL query without proper sanitization. The vulnerability exists in the DataChannel/Agent communication path (via SPIPE and HTTP POST) used by agents to report data. The exploit c...