CVE-2014-2536

CVE-2014-2536 affects McAfee Cloud Identity Manager 3.0/3.1/3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1/2.5. The vulnerability is a directory traversal that allows remote authenticated users to read an unspecified file containing a hash o...

CVE-2014-2586

CVE-2014-2586 describes a Cross-site scripting (XSS) vulnerability in the login audit form of McAfee Cloud Single Sign On (SSO) . The flaw allows a remote attacker to inject arbitrary web script or HTML via a crafted password. Some sources imply the impact could include access to sensitive user i...