CVE-2020-7328

External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has been loaded into ePO by an ePO administrator.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:mvision_endpoint:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Broken Link, Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Broken Link, Vendor Advisory

16 Nov 2023, 14:12

Type Values Removed Values Added
CWE CWE-918
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Broken Link, Vendor Advisory

07 Nov 2023, 03:26

Type Values Removed Values Added
CWE CWE-918
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10334 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10334 -

Information

Published : 2020-11-11 09:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7328

Mitre link : CVE-2020-7328

CVE.ORG link : CVE-2020-7328


JSON object : View

Products Affected

mcafee

  • mvision_endpoint
CWE
CWE-918

Server-Side Request Forgery (SSRF)