Epolicy Orchestrator@3.6.1 Security Vulnerabilities and Issues — Epolicy Orchestrator@3.6.1 CVE List

Lucene search

McafeeEpolicy Orchestrator3.6.1

4 matches found

CVE•added 2013/05/01 12:0 p.m.•58 views

CVE-2013-0140

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

7.9CVSS8.2AI score0.03293EPSS

CVE•added 2013/05/01 12:0 p.m.•53 views

CVE-2013-0141

Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory.

4.3CVSS6.7AI score0.00421EPSS

CVE•added 2007/03/16 10:19 p.m.•48 views

CVE-2007-1498

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argu...

9.3CVSS7.4AI score0.27843EPSS

CVE•added 2012/08/22 10:42 a.m.•42 views

CVE-2012-4594

McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.

4CVSS6.1AI score0.00156EPSS