Unrated severityNVD Advisory· Published Feb 26, 2014· Updated Jun 17, 2026
CVE-2014-2205
CVE-2014-2205
Description
The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*range: <=4.6.7
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.6:*:*:*:*:*:*:*
- (no CPE)range: <4.6.7
Patches
Vulnerability mechanics
References
5- www.redteam-pentesting.de/advisories/rt-sa-2014-001.txtnvdExploit
- secunia.com/advisories/57114nvdVendor Advisory
- kc.mcafee.com/corporate/indexnvdVendor Advisory
- www.securityfocus.com/archive/1/531255/100/0/threadednvd
- www.securityfocus.com/bid/65771nvd
News mentions
0No linked articles in our index yet.