HIGH🇬🇧 English

CVE-2020-7328

CVSS 7.2v3.1pub. 2020-11-11upd. 2024-11-21

External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has been loaded into ePO by an ePO administrator.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Mcafee Mvision Endpoint

    APP
    Mcafee
    < 20.11
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2020-7329HIGH7.2ten sam produkt

Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allow...

CVE-2020-7285HIGH7.8ten sam produkt

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or ...

CVE-2019-3584HIGH7.4ten sam produkt

Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Upda...

CVE-2020-7324MEDIUM6.1ten sam produkt

Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to by...

CVE-2020-7325MEDIUM5.5ten sam produkt

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to acces...

CVE-2020-7328 — HIGH 7.2 | CVEbaza.pl