Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
McAfee ePolicy Orchestrator 权限许可和访问控制漏洞
Vulnerability Description
Intel McAfee ePolicy Orchestrator(ePO)是美国英特尔(Intel)公司(原McAfee公司)的一套可扩展的安全管理软件。该软件可对终端、网络、内容安全和合规解决方案实现集中的简化管理。 McAfee ePolicy Orchestrator (ePO) 4.6.1版本和早期版本中存在漏洞。远程认证用户可利用该漏洞通过控制台URL中修改的ID值,绕过目地访问限制并从任意报告面板中获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A