Epolicy Orchestrator
Sign in to watchby McAfee
Source repositories
CVEs (26)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-4594 | 0.00 | — | 0.00 | Aug 22, 2012 | McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL. | ||
| CVE-2004-0038 | 0.00 | — | 0.02 | Jun 14, 2004 | McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | ||
| CVE-2003-0148 | 0.00 | — | 0.00 | Aug 27, 2003 | The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell. | ||
| CVE-2003-0616 | 0.00 | — | 0.02 | Aug 27, 2003 | Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | ||
| CVE-2003-0149 | 0.00 | — | 0.02 | Aug 27, 2003 | Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | ||
| CVE-2003-0610 | 0.00 | — | 0.01 | Aug 27, 2003 | Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. |
Page 2 of 2