McAfee ePolicy Orchestrator vulnerabilities
85 known vulnerabilities affecting mcafee/epolicy_orchestrator.
Total CVEs: 85
CISA KEV: 0
Public exploits: 13
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 16, MEDIUM 46, LOW 18
Vulnerabilities
Page 1 of 5
CVE-2020-13935 | P2 | HIGH | CVSS 7.5 | CWE-835 | PoC | v5.9.0; v5.9.1; +1 more | 2020-07-14
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
nvd
CVE-2006-5156 | P2 | CRITICAL | CVSS 10.0 | PoC | v3.0; v3.5.0 | 2006-10-05
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
nvd
CVE-2020-9484 | P2 | HIGH | CVSS 7.0 | CWE-502 | PoC | v5.9.0; v5.9.1; +1 more | 2020-05-20
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassN
nvd
CVE-2013-0140 | P3 | HIGH | CVSS 7.9 | CWE-89 | PoC | ≤ 4.5.6; v2.0; +17 more | 2013-05-01
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.
nvd
CVE-2021-3712 | P2 | HIGH | CVSS 7.4 | CWE-125 | fixed in 5.10.0 | v5.10.0 | 2021-08-24
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that
nvd
CVE-2018-6671 | P3 | MEDIUM | CVSS 6.5 | PoC | ≥ 5.3.0, ≤ 5.3.3; ≥ 5.9.0, ≤ 5.9.1; +2 more | 2018-06-15
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.
nvd
CVE-2021-23840 | P3 | HIGH | CVSS 7.5 | CWE-190 | fixed in 5.10.0 | v5.10.0 | 2021-02-16
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. Th
nvd
CVE-2013-4882 | P3 | MEDIUM | CVSS 6.5 | PoC | ≤ 4.6.6; v4.6.0; +5 more | 2013-07-22
Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1) core/showRegisteredTypeDetails.do and (2) EPOAGENTMETA/DisplayMSAPropsDetail.do, a different vul
nvd
CVE-2015-0921 | P3 | MEDIUM | CVSS 4.0 | PoC | ≤ 4.6.8; v5.0.0; +3 more | 2015-01-09
XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.
nvd
CVE-2015-0922 | P3 | MEDIUM | CVSS 5.0 | CWE-200 | PoC | ≤ 4.6.8; v5.0.0; +3 more | 2015-01-09
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.
nvd
CVE-2021-33037 | P3 | MEDIUM | CVSS 5.3 | CWE-444 | fixed in 5.10.0 | v5.10.0 | 2021-07-12
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only
nvd
CVE-2004-0095 | P4 | MEDIUM | CVSS 5.0 | PoC | v3.6.0 | 2004-02-17
McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.
nvd
CVE-2016-8027 | P2 | CRITICAL | CVSS 10.0 | CWE-89 | ≥ 5.1.0, ≤ 5.1.3; ≥ 5.3.0, ≤ 5.3.2 | 2017-03-14
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post.
nvd
CVE-2017-3936 | P3 | CRITICAL | CVSS 9.8 | CWE-78 | v5.1.0; v5.1.1; +8 more | 2018-06-13
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format output.
nvd
CVE-2008-1357 | P3 | MEDIUM | CVSS 5.4 | CWE-134 | PoC | v4.0 | 2008-03-17
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to
nvd
CVE-2013-0141 | P4 | MEDIUM | CVSS 4.3 | CWE-22 | PoC | ≤ 4.5.6; v2.0; +17 more | 2013-05-01
Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory.
nvd
CVE-2020-2604 | P3 | HIGH | CVSS 8.1 | CWE-502 | v5.9.0; v5.9.1; +1 more | 2020-01-15
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embed
nvd
CVE-2015-8765 | P3 | HIGH | CVSS 8.3 | ≤ 4.6.9; ≥ 5.0.0, ≤ 5.0.1; +2 more | 2016-01-08
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
nvd
CVE-2021-30639 | P3 | HIGH | CVSS 7.5 | CWE-755 | fixed in 5.10.0 | v5.10.0 | 2021-07-12
A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once a non-blocking I/O error occurred, all future requests h
nvd
CVE-2013-4883 | P4 | MEDIUM | CVSS 4.3 | CWE-79 | PoC | ≤ 4.6.6; v4.6.0; +5 more | 2013-07-22
Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePO Extension for the McAfee Agent (MA) 4.5 through 4.6, allow remote attackers to inject arbitrary web script or HTML via the (1) instanceId parameter core/loadDisplayType.do; (2) instanceId or (3) monitorUrl parameter to console/createDashboa
nvd