Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2022/10/18 12:0 a.m.9 views

CVE-2022-3338 XXE in Trellix ePO server

An External XML entity XXE vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully constructed XML file throu...

5.4CVSS7.3AI score0.00457EPSS
Exploits0References1
CVE
CVE
added 2022/10/18 12:0 a.m.73 views

CVE-2022-3338

CVE-2022-3338 is a Trellix ePolicy Orchestrator XXE vulnerability affecting ePO versions prior to 5.10 Update 14. An unauthenticated attacker could trigger a server-side request forgery by passing a crafted XML via the API, potentially exploiting the Agent Handler path. Supported details from con...

5.4CVSS5.7AI score0.00457EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/18 12:0 a.m.33 views

CVE-2022-3338 XXE in Trellix ePO server

An External XML entity XXE vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully constructed XML file throu...

5.4CVSS6AI score0.00457EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/14 12:0 a.m.127 views

McAfee ePolicy Orchestrator Multiple Vulnerabilities (SB10387)

The instance of McAfee ePolicy Orchestrator installed on the remote host is affected by multiple vulnerabilities, including the following: - An External XML entity XXE vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side...

6.1CVSS5.5AI score0.00558EPSS
Exploits0References3
Rows per page
Query Builder