14 matches found
EUVD-2014-9726
Malware in sbrugna...
EUVD-2014-2572
Malware in sbrugna...
CVE-2014-2586
Cross-site scripting XSS vulnerability in the login audit form in McAfee Cloud Single Sign On SSO allows remote attackers to inject arbitrary web script or HTML via a crafted password...
The vulnerability of the McAfee ePO Cloud platform for centralized policy management lies in the lack of protection against cross-site request substitution. This allows attackers to perform arbitrary actions on vulnerable devices and gain access to vulnerable applications.
The vulnerability of the McAfee ePO Cloud platform for centralized policy management is related to the lack of protection against Cross-Site Request Forgery CSRF attacks. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on the vulnerable device remotely and gain...
McAfee Cloud Single Sign On登录审核表单跨站脚本漏洞
CVE ID:CVE-2014-2586 McAfee Cloud Single Sign On是适用于云的身份信息管理解决方案。 McAfee Cloud Single Sign On登录审核表单不正确处理特制的密码数据,允许攻击者利用漏洞注入任意WEB脚本或HTML,可获取目标用户敏感信息或劫持用户会话。 0 McAfee Cloud Single Sign On 目前没有详细解决方案提供: http://www.mcafee.com/us/products/...
McAfee Cloud Single Sign On Detection
Binary data mcafeecssoinstalled.nbin...
McAfee Cloud Single Sign On < 4.0.1 Information Disclosure (SB10066) (McAfee Linux OS)
A version of McAfee Cloud Single Sign On MCSSO prior to 4.0.1 is installed on the remote host. It is, therefore, affected by an information disclosure vulnerability due to a failure to sanitize user-supplied input, resulting in a potential directory traversal. An attacker could potentially exploi...
McAfee Cloud Single Sign On < 4.0.1 Information Disclosure (SB10066) (Windows)
A version of McAfee Cloud Single Sign On MCSSO prior to 4.0.1 is installed on the remote host. It is, therefore, affected by an information disclosure vulnerability due to a failure to sanitize user-supplied input, resulting in potential directory traversal. An attacker could potentially exploit...
Cross site scripting
Cross-site scripting XSS vulnerability in the login audit form in McAfee Cloud Single Sign On SSO allows remote attackers to inject arbitrary web script or HTML via a crafted password...
CVE-2014-2586
Cross-site scripting XSS vulnerability in the login audit form in McAfee Cloud Single Sign On SSO allows remote attackers to inject arbitrary web script or HTML via a crafted password...
CVE-2014-2536
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On MCSSO before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator passwo...
Directory traversal
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On MCSSO before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator passwo...
CVE-2014-2536
CVE-2014-2536 affects McAfee Cloud Identity Manager 3.0/3.1/3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1/2.5. The vulnerability is a directory traversal that allows remote authenticated users to read an unspecified file containing a hash o...
McAfee Cloud Single Sign On目录遍历漏洞
CVE ID: CVE-2014-2536 McAfee Cloud Single Sign On是一款基于云的单点登录解决方案。 McAfee Cloud Single Sign On不正确过滤用户提交的输入,允许远程攻击者利用漏洞提交特制的目录遍历请求,读取任意文件内容。 0 McAfee Cloud Single Sign On formerly McAfee Cloud Identity Manager 4.x McAfee Cloud Single Sign On 4.0.1已经修复该漏洞,建议用户下载更新:...