CVE-2015-0921

NONECVSS 0.0

0.0

XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.

🔗 References (16)

cve@mitrehttp://packetstormsecurity.com/files/129827/McAfee-ePolicy-Orchestrator-Authenticated-XXE-Credential-Exposure.html
cve@mitrehttp://seclists.org/fulldisclosure/2015/Jan/37
cve@mitrehttp://seclists.org/fulldisclosure/2015/Jan/8
cve@mitrehttp://secunia.com/advisories/61922
cve@mitrehttp://www.securitytracker.com/id/1031519
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/99950
cve@mitrehttps://gist.github.com/brandonprry/692e553975bf29aeaf2c
cve@mitrehttps://kc.mcafee.com/corporate/index?page=content&id=SB10095
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/129827/McAfee-ePolicy-Orchestrator-Authenticated-XXE-Credential-Exposure.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Jan/37
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Jan/8
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61922
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031519
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/99950
af854a3a-2127-422b-91ae-364da2661108https://gist.github.com/brandonprry/692e553975bf29aeaf2c

Is Your Infrastructure Affected by CVE-2015-0921?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-0921

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-0921?