CVE-2018-6672

Published: Jun 15, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

Affected (2)

Products: Mcafee: Epolicy Orchestrator

Mcafee

1 product

Epolicy Orchestrator

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Mcafee Epolicy Orchestrator	From 5.3.0 to 5.3.3
Mcafee Epolicy Orchestrator	From 5.9.0 to 5.9.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securityfocus.com/bid/104485

Source: trellixpsirt@trellix.com

http://www.securitytracker.com/id/1041155

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10240

Source: trellixpsirt@trellix.com

http://www.securityfocus.com/bid/104485

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1041155

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10240

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.