| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-31848 |
79 |
|
XSS |
2021-11-01 |
2021-11-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension. |
|
2 |
CVE-2021-31836 |
269 |
|
+Priv |
2021-09-22 |
2021-09-29 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user. |
|
3 |
CVE-2021-31834 |
79 |
|
XSS |
2021-10-22 |
2021-10-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. |
|
4 |
CVE-2021-31832 |
79 |
|
Exec Code XSS |
2021-06-09 |
2021-06-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine. |
|
5 |
CVE-2021-31830 |
79 |
|
XSS |
2021-06-03 |
2021-06-11 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized user logs into the DBSec interface and opens the properties configuration page for this database. |
|
6 |
CVE-2021-23889 |
79 |
|
XSS |
2021-03-26 |
2021-03-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. |
|
7 |
CVE-2021-23881 |
79 |
|
XSS |
2021-02-10 |
2021-02-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy. |
|
8 |
CVE-2021-23873 |
59 |
|
DoS +Priv |
2021-02-10 |
2022-05-03 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time. |
|
9 |
CVE-2021-4038 |
79 |
|
XSS |
2021-12-09 |
2021-12-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) prior to 10.1 Minor 7 allows a remote authenticated administrator to embed a XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custom rule content in all scenarios. |
|
10 |
CVE-2020-7333 |
79 |
|
XSS |
2020-11-12 |
2020-11-23 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard. |
|
11 |
CVE-2020-7324 |
269 |
|
Bypass |
2020-09-09 |
2020-09-14 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to bypass security mechanisms and deny access to the SYSTEM folder via incorrectly applied permissions. |
|
12 |
CVE-2020-7310 |
269 |
|
|
2020-08-21 |
2022-06-01 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file. |
|
13 |
CVE-2020-7309 |
79 |
|
XSS |
2020-08-26 |
2020-09-02 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section. |
|
14 |
CVE-2020-7301 |
79 |
|
XSS |
2020-08-12 |
2020-08-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section. |
|
15 |
CVE-2020-7298 |
20 |
|
|
2020-08-05 |
2021-07-21 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call. |
|
16 |
CVE-2020-7282 |
59 |
|
|
2020-07-03 |
2022-07-01 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. |
|
17 |
CVE-2020-7267 |
269 |
|
|
2020-05-08 |
2020-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. |
|
18 |
CVE-2020-7266 |
269 |
|
|
2020-05-08 |
2020-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. |
|
19 |
CVE-2020-7265 |
269 |
|
|
2020-05-08 |
2020-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. |
|
20 |
CVE-2020-7264 |
269 |
|
|
2020-05-08 |
2020-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. |
|
21 |
CVE-2020-7258 |
79 |
|
XSS |
2020-03-18 |
2020-03-19 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors. |
|
22 |
CVE-2020-7257 |
269 |
|
|
2020-04-15 |
2020-04-17 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent. |
|
23 |
CVE-2020-7256 |
79 |
|
XSS |
2020-03-18 |
2020-03-19 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors. |
|
24 |
CVE-2020-7255 |
269 |
|
+Priv |
2020-04-15 |
2020-04-21 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration. |
|
25 |
CVE-2019-13057 |
|
|
|
2019-07-26 |
2022-06-13 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.) |
|
26 |
CVE-2019-3641 |
|
|
|
2019-11-13 |
2020-10-16 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages. |
|
27 |
CVE-2019-3602 |
79 |
|
XSS |
2019-05-15 |
2019-05-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML. |
|
28 |
CVE-2019-3584 |
287 |
|
|
2019-01-23 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. |
|
29 |
CVE-2018-6681 |
79 |
|
XSS |
2018-07-17 |
2023-03-04 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface. |
|
30 |
CVE-2018-6659 |
79 |
|
XSS |
2018-04-02 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input. |
|
31 |
CVE-2017-4015 |
20 |
|
|
2017-05-17 |
2017-07-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. |
|
32 |
CVE-2017-3964 |
79 |
|
XSS |
2018-04-04 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter. |
|
33 |
CVE-2017-3961 |
79 |
|
XSS |
2018-05-25 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes. |
|
34 |
CVE-2017-3948 |
79 |
|
XSS |
2017-06-23 |
2017-07-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. |
|
35 |
CVE-2017-3933 |
79 |
|
XSS CSRF |
2017-10-31 |
2017-11-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack. |
|
36 |
CVE-2017-3902 |
79 |
|
XSS Bypass |
2017-02-13 |
2017-07-26 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. |
|
37 |
CVE-2016-8021 |
347 |
|
Exec Code |
2017-03-14 |
2017-09-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. |
|
38 |
CVE-2016-8016 |
200 |
|
+Info |
2017-03-14 |
2017-09-03 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. |
|
39 |
CVE-2016-8007 |
284 |
|
Bypass |
2017-03-14 |
2017-03-23 |
3.0 |
None |
Local |
Medium |
??? |
None |
Partial |
Partial |
|
Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. |
|
40 |
CVE-2016-3984 |
284 |
|
Bypass |
2016-04-08 |
2016-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. |
|
41 |
CVE-2015-8987 |
284 |
|
|
2017-03-14 |
2017-03-23 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. |
|
42 |
CVE-2015-2760 |
79 |
|
XSS |
2015-03-27 |
2016-12-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
43 |
CVE-2015-1619 |
79 |
|
XSS |
2015-02-17 |
2015-02-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. |
|
44 |
CVE-2015-1617 |
79 |
|
XSS |
2015-02-17 |
2015-02-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
45 |
CVE-2014-8532 |
|
|
+Info |
2014-10-29 |
2014-10-30 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. |
|
46 |
CVE-2014-8527 |
255 |
|
+Info |
2014-10-29 |
2014-10-30 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password." |
|
47 |
CVE-2014-8521 |
352 |
|
XSS |
2014-10-29 |
2014-10-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
48 |
CVE-2012-4587 |
264 |
|
|
2012-08-22 |
2017-08-29 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device. |
|
49 |
CVE-2012-4586 |
264 |
|
Bypass |
2012-08-22 |
2012-08-22 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file. |
|
50 |
CVE-2012-4584 |
310 |
|
+Info |
2012-08-22 |
2012-10-30 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as demonstrated by obtaining password hashes. |
