Unrated severityNVD Advisory· Published Nov 11, 2020· Updated Sep 17, 2024
Server-Side Request Forgery (SSRF) in MVISION Endpoint ePO extension
CVE-2020-7329
Description
Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully constructed XML files loaded by an ePO administrator.
Affected products
2- Range: <20.11
- McAfee, LLC/MVISION Endpoint ePO extensionv5Range: 20.x
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.