External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has been loaded into ePO by an ePO administrator.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10334 | Broken Link Vendor Advisory |
https://kc.mcafee.com/corporate/index?page=content&id=SB10334 | Broken Link Vendor Advisory |
Configurations
History
21 Nov 2024, 05:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Broken Link, Vendor Advisory |
16 Nov 2023, 14:12
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 | |
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Broken Link, Vendor Advisory |
07 Nov 2023, 03:26
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - |
Information
Published : 2020-11-11 09:15
Updated : 2024-11-21 05:37
NVD link : CVE-2020-7328
Mitre link : CVE-2020-7328
CVE.ORG link : CVE-2020-7328
JSON object : View
Products Affected
mcafee
- mvision_endpoint
CWE
CWE-918
Server-Side Request Forgery (SSRF)