Mcafee Asset Manager vulnerabilities
2 known vulnerabilities affecting mcafee/asset_manager.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-2587P3MEDIUMCVSS 6.5PoCv6.62014-03-24
CVE-2014-2587 [MEDIUM] CWE-89 CVE-2014-2587: SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remot
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).
nvd
CVE-2014-2588P4MEDIUMCVSS 4.0PoCv6.62014-03-24
CVE-2014-2588 [MEDIUM] CWE-22 CVE-2014-2588: Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remot
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
nvd