Mcafee Llc Mcafee Enterprise Security Manager vulnerabilities

CVE-2019-3628 [HIGH] CVE-2019-3628: Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authent Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.

CVE-2019-3631 [HIGH] CWE-78 CVE-2019-3631: Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prio Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.

CVE-2019-3630 [HIGH] CWE-78 CVE-2019-3630: Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prio Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.

CVE-2019-3632 [HIGH] CWE-22 CVE-2019-3632: Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and pr Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.

CVE-2019-3629 [MEDIUM] CVE-2019-3629: Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11. Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.