CVE-2018-6660
SB10228 ePO Directory Traversal vulnerability
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file.
CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H
Productos afectados
McAfee · ePolicy Orchestrator (ePO)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →