Mcafee Epolicy Orchestrator Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

2.5.1	6
5.10 Update 12	6
5.10 Update 10	4
5.3.0	4
5.3.1	4

Remediation

Official Fix	42
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	6

Exploitability

High	0
Functional	0
Proof-of-Concept	18
Unproven	6
Not Defined	24

Access Vector

Not Defined	0
Physical	0
Local	6
Adjacent	2
Network	40

Authentication

Not Defined	0
High	4
Low	12
None	32

User Interaction

Not Defined	0
Required	10
None	38

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	4
≤5	10
≤6	12
≤7	0
≤8	8
≤9	8
≤10	6

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	6
≤5	14
≤6	6
≤7	6
≤8	10
≤9	4
≤10	2

VulDB

≤1	0
≤2	0
≤3	2
≤4	4
≤5	12
≤6	6
≤7	2
≤8	8
≤9	8
≤10	6

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	4
≤7	2
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	4
≤5	4
≤6	2
≤7	4
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	0
<5k	4
<10k	16
<25k	12
<50k	16
<100k	0
≥100k	0

Exploit Today

<1k	44
<2k	2
<5k	0
<10k	2
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (45): 2.0, 2.1, 2.2, 2.5, 2.5.1, 3.0, 3.5, 4.0, 4.6, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 4.6.6, 4.6.6 Build 176, 4.6.7, 4.6.8, 4.6.9, 5.0, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.2, 5.3, 5.3.1, 5.3.2, 5.3.3, 5.4, 5.5, 5.6, 5.7, 5.7.1, 5.7.2, 5.7.3, 5.7.4, 5.7.5, 5.8, 5.9, 5.9.1, 5.10 Update 9, 5.10 Update 10, 5.10 Update 12, 5.10.0 Update 3

Link to Product Website: https://www.mcafee.com/

Software Type: Endpoint Management Software

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CVE
04/14/2022	6.2	6.1	McAfee ePolicy Orchestrator sql injection	$5k-$25k	$0-$5k	Not Defined	Official Fix	CVE-2022-1258
03/23/2022	4.8	4.7	McAfee ePolicy Orchestrator Link cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	CVE-2022-0857
03/23/2022	5.3	5.2	McAfee ePolicy Orchestrator insufficiently protected credentials	$0-$5k	$0-$5k	Not Defined	Official Fix	CVE-2022-0859
03/23/2022	4.3	4.2	McAfee ePolicy Orchestrator Link cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	CVE-2022-0858
03/23/2022	4.0	4.0	McAfee ePolicy Orchestrator sql injection	$5k-$25k	$0-$5k	Not Defined	Official Fix	CVE-2022-0842
03/23/2022	4.1	4.0	McAfee ePolicy Orchestrator Extension Import xml external entity reference	$5k-$25k	$0-$5k	Not Defined	Official Fix	CVE-2022-0861
10/22/2021	3.6	3.5	McAfee ePolicy Orchestrator cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	CVE-2021-31835
10/22/2021	3.9	3.8	McAfee ePolicy Orchestrator cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	CVE-2021-31834
03/27/2021	5.3	5.1	McAfee ePolicy Orchestrator Agent information disclosure	$5k-$25k	Calculating	Not Defined	Official Fix	CVE-2021-23890
03/27/2021	3.6	3.4	McAfee ePolicy Orchestrator cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	CVE-2021-23889

38 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 38 results.

more entries by Mcafee

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!