Main Vulnerability Database Exploits ID:5945 - Exploit for Improper access control in McAfee ePolicy Orchestrator - CVE-2018-6671

ID:5945 - Exploit for Improper access control in McAfee ePolicy Orchestrator - CVE-2018-6671

Published: June 17, 2021

Vulnerability identifier: #VU13451

Vulnerability risk: Low

CVE-ID: CVE-2018-6671

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
McAfee ePolicy Orchestrator

Link to public exploit:

https://www.exploit-db.com/exploits/46518/

Vulnerability description

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.

The vulnerability exists due to improper access control. A remote attacker can send a specially crafted HTTP request to bypass localhost-only access controls for some functions and obtain arbitrary data.

Remediation

Update to version 5.3.3, 5.9.1.

ID:5945 - Exploit for Improper access control in McAfee ePolicy Orchestrator - CVE-2018-6671

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human