Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.
References
Configurations
History
21 Nov 2024, 03:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10207 - | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 5.4 |
07 Nov 2023, 02:44
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10207 - |
Information
Published : 2018-06-13 21:29
Updated : 2024-11-21 03:26
NVD link : CVE-2017-3907
Mitre link : CVE-2017-3907
CVE.ORG link : CVE-2017-3907
JSON object : View
Products Affected
mcafee
- mcafee_threat_intelligence_exchange
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')