Medium severity6.2NVD Advisory· Published Apr 2, 2018· Updated Jun 17, 2026
CVE-2018-6660
CVE-2018-6660
Description
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file.
Affected products
25.3.0, 5.3.1, 5.3.2, 5.9.0+ 1 more
- (no CPE)range: 5.3.0, 5.3.1, 5.3.2, 5.9.0
- (no CPE)range: 5.3.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.