CVE-2003-0610 — Path Traversal in Epolicy Orchestrator

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Epolicy Orchestrator

Timeline

PublishedAug 27

Latest updateApr 29

Description

Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmcafee/epolicy_orchestrator3.0

Patches

Patch: www.nai.com ↗Patch: www.nai.com ↗

🔴Vulnerability Details

GHSA

GHSA-g7gx-5w45-w3j8: Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3↗2022-04-29

▶

CVEList

CVE-2003-0610: Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3↗2003-08-01

▶