Описание
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mcafee:epo_deep_command:2.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:epo_deep_command:2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00584
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path.
EPSS
Процентиль: 68%
0.00584
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77