Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Aug 2, 2024
ePO XML extended entity vulnerability
CVE-2022-0861
Description
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential information and some ability to alter data.
Affected products
2<5.10.13+ 1 more
- (no CPE)range: <5.10.13
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.