This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mcafee First view 2019-07-03
Product Epolicy Orchestrator Last view 2021-10-22
Version 5.10.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:mcafee:epolicy_orchestrator

Activity : Overall

Related : CVE

  Date Alert Description
4.8 2021-10-22 CVE-2021-31835

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the administrator's entries were not correctly sanitized.

5.4 2021-10-22 CVE-2021-31834

Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.

4.3 2020-10-14 CVE-2020-7318

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.

4.3 2020-10-14 CVE-2020-7317

Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.

4.9 2019-07-03 CVE-2019-3619

Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server.

CWE : Common Weakness Enumeration

%idName
80% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
20% (1) CWE-319 Cleartext Transmission of Sensitive Information