Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-0140

Опубликовано: 01 мая 2013
Источник: nvd
CVSS2: 7.9
EPSS Низкий

Описание

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*
Версия до 4.5.6 (включая)
cpe:2.3:a:mcafee:epolicy_orchestrator:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:2.5:sp1:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:3.0:sp2a:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.5:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.5:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.03811
Низкий

7.9 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-qwj4-q777-wg6h

github
почти 4 года назад

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

EPSS

Процентиль: 88%
0.03811
Низкий

7.9 High

CVSS2

Дефекты

CWE-89