6.5
CVE-2018-6671
- EPSS 1.05%
- Veröffentlicht 15.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:05
- Quelle trellixpsirt@trellix.com
- CVE-Watchlists
- Unerledigt
LoginApplication Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mcafee ≫ Epolicy Orchestrator Version >= 5.3.0 <= 5.3.3
Mcafee ≫ Epolicy Orchestrator Version >= 5.9.0 <= 5.9.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.05% | 0.769 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
| trellixpsirt@trellix.com | 4.7 | 1.6 | 2.7 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
|