Known Vulnerabilities for Epolicy Orchestrator by Mcafee
Listed below are 10 of the newest known vulnerabilities associated with "Epolicy Orchestrator" by "Mcafee".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-3946 json | A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attack... | 6.1 - MEDIUM | 2023-07-26 | 2023-08-03 |
| CVE-2022-3339 json | A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker ... | 6.1 - MEDIUM | 2022-10-18 | 2022-10-20 |
| CVE-2022-3338 json | An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to p... | 5.4 - MEDIUM | 2022-10-18 | 2022-10-20 |
| CVE-2022-1258 json | A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an a... | 7.2 - HIGH | 2022-04-14 | 2023-11-15 |
| CVE-2022-0862 json | A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior... | 5.3 - MEDIUM | 2022-03-23 | 2023-11-07 |
| CVE-2022-0861 json | A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote a... | 3.8 - LOW | 2022-03-23 | 2023-11-15 |
| CVE-2022-0859 json | McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arb... | 6.7 - MEDIUM | 2022-03-23 | 2023-11-15 |
| CVE-2022-0858 json | A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a r... | 4.7 - MEDIUM | 2022-03-23 | 2023-11-16 |
| CVE-2022-0857 json | A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 ... | 6.1 - MEDIUM | 2022-03-23 | 2023-11-15 |
| CVE-2022-0842 json | A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote a... | 4.9 - MEDIUM | 2022-03-23 | 2023-11-15 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Epolicy Orchestrator | 5.9.1 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.9.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.3.3 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.3.2 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.3.1 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.3.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.9 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.10.0 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.1.3 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.1.2 | |||
| Application | Mcafee | Epolicy Orchestrator | 5.1.1 |