Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Aug 2, 2024
ePO blind SQL Injection vulnerability
CVE-2022-0842
Description
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote authenticated attacker to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to obtain sensitive data the attacker would require administrator privileges.
Affected products
2<5.10 Update 13+ 1 more
- (no CPE)range: <5.10 Update 13
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.