5 matches found
Authentication flaw
McAfee Enterprise Security Manager ESM, Enterprise Security Manager/Log Manager ESMLM, and Enterprise Security Manager/Receiver ESMREC 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote...
CVE-2015-8024
McAfee Enterprise Security Manager ESM, Enterprise Security Manager/Log Manager ESMLM, and Enterprise Security Manager/Receiver ESMREC 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote...
CVE-2015-8024
McAfee Enterprise Security Manager (ESM), including ESMLM and ESMREC, is affected on versions 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8 when configured with Active Directory/LDAP. The issue is an authentication bypass caused by improper handling of usernames, allowi...
CVE-2015-7310
McAfee Enterprise Security Manager (ESM), ESMLM, and ESMREC are affected by CVE-2015-7310. Versions prior to 9.3.2MR18, 9.4.x prior to 9.4.2MR8, and 9.5.x prior to 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename when downloading a file, due to imp...
CVE-2015-7310
McAfee Enterprise Security Manager ESM, Enterprise Security Manager/Log Manager ESMLM, and Enterprise Security Manager/Receiver ESMREC before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which...