Mcafee 漏洞

时间轴

类型

Not Defined	297
Data Loss Prevention Software	89
Anti-Malware Software	50
Endpoint Management Software	48
Firewall Software	35

产品

McAfee ePolicy Orchestrator	44
McAfee Network Data Loss Prevention	43
McAfee Endpoint Security	33
McAfee Data Loss Prevention	28
McAfee Agent	26

修正

Official Fix	400
Temporary Fix	0
Workaround	8
Unavailable	12
Not Defined	105

易受攻击性

High	20
Functional	1
Proof-of-Concept	81
Unproven	39
Not Defined	384

访问向量

Not Defined	0
Physical	2
Local	178
Adjacent	21
Network	324

身份验证

Not Defined	0
High	52
Low	252
None	221

用户交互

Not Defined	0
Required	94
None	431

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	8
≤4	50
≤5	90
≤6	140
≤7	108
≤8	77
≤9	36
≤10	16

CVSSv3 Temp

≤1	0
≤2	0
≤3	8
≤4	59
≤5	120
≤6	133
≤7	101
≤8	71
≤9	27
≤10	6

VulDB

≤1	0
≤2	3
≤3	16
≤4	69
≤5	95
≤6	157
≤7	78
≤8	60
≤9	31
≤10	16

NVD

≤1	0
≤2	0
≤3	1
≤4	4
≤5	32
≤6	38
≤7	47
≤8	61
≤9	28
≤10	13

CNA

≤1	0
≤2	1
≤3	2
≤4	8
≤5	22
≤6	18
≤7	27
≤8	34
≤9	21
≤10	2

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	2
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	1
<2k	8
<5k	79
<10k	167
<25k	200
<50k	69
<100k	1
≥100k	0

本日攻击

<1k	426
<2k	27
<5k	46
<10k	23
<25k	3
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (131): ASaP Virusscan (1), Active Response (4), Advanced Threat Defense (20), Agent (26), AntiSpyware (1), Antivirus (3), Antivirus Engine (1), Application (3), Application Control (4), Application Control Engine (1), Application and Change Control (2), Asset Manager (2), CMA (2), Change Control (4), Client Proxy (1), Cloud Single Sign On (1), Common Management Agent (1), Common UI (1), Consumer Product Removal Tool (2), Content Security Reporter (1), DLP Endpoint (5), DXL (1), Data Loss Prevention (28), Data Loss Prevention Endpoint (10), Data Loss Prevention ePO Extension (3), Database Security (7), Database Security Server Sensor (1), Data eXchange Layer Framework (1), Drive Encryption (3), E-Business Server (2), E-Mail (2), E-Mail Gateway (4), Email (8), Email Anti-virus (1), Email Gateway (12), Encrypted USB Manager (1), Endpoint Encryption (2), Endpoint Product Removal Tool (1), Endpoint Security (33), Entercept Agent (1), Enterprise Mobility Manager (4), Enterprise Mobility Manager Agent (2), Enterprise Security Manager (8), Epo Mcafee Virtual Technician (1), Exploit Detection (3), FRP (1), File (1), File Lock Driver (2), Firewall Reporter (1), FreeScan (1), Freescan (1), Gateway (4), GetSusp (2), Global Threat Intelligence (1), GroupShield (3), Host Data Loss Prevention (1), Internet Security Suite (3), IntruShield Network Security Manager (2), IntruShield Security (4), IntruShield Security Management System (1), Intrusion Prevention System (1), LinuxShield (1), LiveSafe (1), MVISION EDR (1), MVision Endpoint (7), Management of Native Encryption (1), McAfee ePolicy Orchestrator (1), NeoTrace (1), Network Data Loss Prevention (43), Network Security Management (16), Network Security Manager (4), Network Threat Behavior Analysis (2), PGPNet Daemon (1), Personal Firewall Plus (1), Policy Auditor (3), Product (1), ProtectionPilot (5), Remote Desktop 32 (1), Removable Media Protection (3), Response (3), SaaS Endpoint Protection (3), SafeBoot Device Encryption (1), Safe Connect (1), Scan Engine (1), Secure Mail (1), Security-as-a-Service (1), Security Installer Control System (1), Security Manager (1), Security Scan Plus (1), Skyhigh Secure Web Gateway (1), SmartFilter (2), SmartFilter Administration (1), Superscan (1), TIE (1), TechCheck (1), Tech Check (1), Threat Intelligence Exchange (3), Total Protection (24), Total Protection 2010 (1), Total Protection Free Antivirus Trial (1), True Key (8), UTM Firewall Appliance (5), Unified Threat Management Firewall (1), Virex (2), VirusScan (13), VirusScan Enterprise (17), Virus Scan Enterprise (1), VirusScan Security Center (1), Vulnerability Manager (8), Web Advisor (3), WebAdvisor Browser Extension (1), Web Gateway (25), Web Security (9), Web Security Appliance (1), WebShield (2), WebShield SMTP (1), WebWasher (1), being (1), e-Business Server (1), ePO Cloud (1), ePO Deep Command (1), ePolicy Orchestrator (44), ePolicy Orchestrator Deep Command (1), ePolicy Orchestrator agent (1), ePolicy Orchistrator (2), epolicy orchestrator (1), gent (1), irusscan enterprise (1), myCIO HTTP Server (1), ndpoint Security (1), security management system (1)

Link to Vendor Website: https://www.mcafee.com/

已发布	Base	Temp	漏洞	Prod	易	修正	EPSS	CTI	CVE
2023-08-22	6.9	6.8	McAfee Safe Connect 权限升级	未知	Not Defined	Official Fix	0.00065	0.00	CVE-2023-40352
2023-03-22	5.5	5.4	McAfee Total Protection Component Object Model Privilege Escalation	未知	Not Defined	Official Fix	0.00043	0.02	CVE-2023-25134
2023-03-13	4.7	4.6	McAfee Total Protection Command Prompt 拒绝服务	未知	Not Defined	Official Fix	0.00050	0.00	CVE-2023-24579
2023-03-13	5.4	5.3	McAfee Total Protection 权限升级	未知	Not Defined	Official Fix	0.00048	0.00	CVE-2023-24578
2023-03-13	5.4	5.3	McAfee Total Protection Registry Key 权限升级	未知	Not Defined	Official Fix	0.00043	0.02	CVE-2023-24577
2022-11-23	8.8	8.4	McAfee Total Protection 权限升级	未知	Not Defined	Official Fix	0.00065	0.00	CVE-2022-43751
2022-08-18	7.0	6.9	McAfee Security Scan Plus Configuration File Privilege Escalation	未知	Not Defined	Official Fix	0.00042	0.00	CVE-2022-37025
2022-06-20	8.4	8.2	McAfee Consumer Product Removal Tool 权限升级	未知	Not Defined	Official Fix	0.00042	0.00	CVE-2022-1824
2022-06-20	8.4	8.2	McAfee Consumer Product Removal Tool Configuration File 权限升级	未知	Not Defined	Official Fix	0.00042	0.00	CVE-2022-1823
2022-04-20	5.7	5.6	McAfee Skyhigh Secure Web Gateway Redirect	Firewall Software	Not Defined	Official Fix	0.00115	0.02	CVE-2022-1254
2022-04-14	8.3	8.1	McAfee Agent Repair 权限升级	未知	Not Defined	Official Fix	0.00042	0.00	CVE-2022-1256
2022-04-14	5.2	5.1	McAfee Agent Database File 信息公开	未知	Not Defined	Official Fix	0.00042	0.02	CVE-2022-1257
2022-04-14	6.2	6.1	McAfee ePolicy Orchestrator SQL注入	Endpoint Management Software	Not Defined	Official Fix	0.00101	0.00	CVE-2022-1258
2022-03-23	4.8	4.7	McAfee ePolicy Orchestrator Link 跨网站脚本	Endpoint Management Software	Not Defined	Official Fix	0.00081	0.00	CVE-2022-0857
2022-03-23	5.3	5.2	McAfee ePolicy Orchestrator 信息公开	Endpoint Management Software	Not Defined	Official Fix	0.00042	0.00	CVE-2022-0859
2022-03-23	3.7	3.6	McAfee being API 权限升级	未知	Not Defined	Official Fix	0.00136	0.03	CVE-2022-0862
2022-03-23	4.3	4.2	McAfee ePolicy Orchestrator Link 跨网站脚本	Endpoint Management Software	Not Defined	Official Fix	0.00081	0.00	CVE-2022-0858
2022-03-23	4.0	4.0	McAfee ePolicy Orchestrator SQL注入	Endpoint Management Software	Not Defined	Official Fix	0.00065	0.00	CVE-2022-0842
2022-03-23	4.1	4.0	McAfee ePolicy Orchestrator Extension Import XML External Entity	Endpoint Management Software	Not Defined	Official Fix	0.00054	0.00	CVE-2022-0861
2022-03-11	5.8	5.7	McAfee Total Protection QuickClean 竞争条件	未知	Not Defined	Official Fix	0.00043	0.00	CVE-2022-0280
2022-03-11	6.9	6.9	McAfee WebAdvisor Browser Extension Settings 权限升级	未知	Not Defined	Not Defined	0.00150	0.03	CVE-2022-0815
2022-01-24	7.3	7.2	McAfee Data Loss Prevention ePO Extension SQL注入	Data Loss Prevention Software	Not Defined	Official Fix	0.00082	0.00	CVE-2021-4088
2022-01-19	8.1	7.5	McAfee Agent Deployment cleanup.exe 权限升级	未知	Proof-of-Concept	Official Fix	0.00051	0.02	CVE-2021-31854
2022-01-19	8.1	7.8	McAfee Agent Installation openssl.cnf 权限升级	未知	Not Defined	Official Fix	0.00044	0.05	CVE-2022-0166
2022-01-11	8.1	7.9	McAfee TechCheck DLL 权限升级	未知	Not Defined	Official Fix	0.00044	0.00	CVE-2022-0129

500 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 500 results.

◂ 上一步一览下一步 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!