Back to search
CVE-2013-4882
Published: Jul 21, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1) core/showRegisteredTypeDetails.do and (2) EPOAGENTMETA/DisplayMSAPropsDetail.do, a different vulnerability than CVE-2013-0140.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10043
x_refsource_CONFIRM
20130712 Multiple vulnerabilities in McAfee ePO 4.6.6
mailing-list
x_refsource_BUGTRAQ
1028803
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now