Lucene search
+L
McafeeEnterprise Security Manager

9 matches found

cve
cve
added 2017/08/07 8:0 p.m.210 views

CVE-2015-7704

CVE-2015-7704 describes a denial-of-service in ntpd caused by handling of Kiss-of-Death (KoD) messages. The issue arises from KoD processing that could delay or stop querying time sources. Affected software: ntpd in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77. Impact: unauthenticated remot...

7.5CVSS8.2AI score0.1095EPSS
cve
cve
added 2019/09/11 2:8 p.m.89 views

CVE-2019-3644

CVE-2019-9517 is a denial-of-service vulnerability in McAfee Web Gateway (MWG) scanners exposed in MWG versions before 7.8.2.13. The issue arises from unconstrained interal data buffering in HTTP/2, where an attacker can flood a connection with requests and exhaust resources on the server. Affect...

7.5CVSS7.7AI score0.27004EPSS
cve
cve
added 2019/09/11 2:8 p.m.76 views

CVE-2019-3643

CVE-2019-3643 relates to McAfee Web Gateway (MWG) older than 7.8.2.13 and is described as vulnerable to CVE-2019-9511, potentially causing a denial of service. The Connected documents provide no additional MWG-specific technical details, remediation, or confirmed exploit information in this set. ...

7.5CVSS6.7AI score0.58373EPSS
cve
cve
added 2019/06/27 8:33 p.m.73 views

CVE-2019-3629

McAfee Enterprise Security Manager (ESM) has an authorization issue that allows an unauthenticated user to impersonate system users via specially crafted parameters. Affected versions are ESM prior to 11.2.0 and prior to 10.4.0. This is a protection bypass vulnerability in the application itself....

8.3CVSS6.9AI score0.0122EPSS
cve
cve
added 2019/06/27 8:39 p.m.66 views

CVE-2019-3630

CVE-2019-3630 affects McAfee Enterprise Security Manager (ESM). An authenticated user can trigger a command injection via specially crafted parameters, allowing execution of arbitrary code on affected systems. Affected versions are ESM prior to 11.2.0 and prior to 10.4.0. The vulnerability stems ...

8CVSS7.5AI score0.02009EPSS
cve
cve
added 2019/06/27 8:44 p.m.65 views

CVE-2019-3632

CVE-2019-3632 affects McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0. A directory traversal vulnerability allows an authenticated user to gain elevated privileges via specially crafted input, due to insufficient restrictions on path names. In practice, exploitation w...

8.8CVSS8.8AI score0.01711EPSS
cve
cve
added 2019/06/27 8:42 p.m.64 views

CVE-2019-3631

McAfee Enterprise Security Manager (ESM) is affected by a command injection vulnerability (CVE-2019-3631) in versions prior to 11.2.0 and prior to 10.4.0. The issue arises from input that can be crafted by anAuthenticated user to cause arbitrary code execution. Impact is described as remote code ...

8CVSS7.5AI score0.02009EPSS
cve
cve
added 2019/06/27 4:55 p.m.56 views

CVE-2019-3628

CVE-2019-3628 affects McAfee Enterprise Security Manager (ESM) 11.x before 11.2.0. An authenticated user can exploit incorrect access control to escalate privileges and access a core system component. Impact is described as privilege escalation with access to core components; remediation is to up...

8.8CVSS8.4AI score0.00976EPSS
cve
cve
added 2015/09/22 3:0 p.m.46 views

CVE-2015-7310

McAfee Enterprise Security Manager (ESM), ESMLM, and ESMREC are affected by CVE-2015-7310. Versions prior to 9.3.2MR18, 9.4.x prior to 9.4.2MR8, and 9.5.x prior to 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename when downloading a file, due to imp...

6.5CVSS7.3AI score0.01127EPSS