VYPR
Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Aug 2, 2024

ePO XML extended entity vulnerability

CVE-2022-0861

Description

A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential information and some ability to alter data.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.