Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
McAfee ePolicy Orchestrator 未明目录遍历漏洞
Vulnerability Description
Intel McAfee ePolicy Orchestrator(ePO)是美国英特尔(Intel)公司(原McAfee公司)的一套可扩展的安全管理软件。该软件可对终端、网络、内容安全和合规解决方案实现集中的简化管理。 McAfee ePolicy Orchestrator (ePO)4.5.7之前的版本和4.6.6之前的4.6.x版本中存在目录遍历漏洞。远程攻击者可通过Agent-Server通信信道的特制请求利用该漏洞上传任意文件。如写入Software/的目录。
CVSS Information
N/A
Vulnerability Type
N/A