Product:

Enterprise_security_manager

(Mcafee)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 9
Date Id Summary Products Score Patch Annotated
2019-06-27 CVE-2019-3628 Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control. Enterprise_security_manager 8.8
2019-06-27 CVE-2019-3629 Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters. Enterprise_security_manager 6.5
2019-06-27 CVE-2019-3630 Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. Enterprise_security_manager 7.2
2019-06-27 CVE-2019-3631 Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. Enterprise_security_manager 7.2
2019-06-27 CVE-2019-3632 Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input. Enterprise_security_manager 8.8
2019-09-11 CVE-2019-3643 McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies. Active_response, Advanced_threat_defense, Enterprise_security_manager, Web_gateway 7.5
2019-09-11 CVE-2019-3644 McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies. Active_response, Advanced_threat_defense, Enterprise_security_manager, Web_gateway 7.5
2017-08-07 CVE-2015-7704 The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. Xenserver, Debian_linux, Enterprise_security_manager, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.5
2015-09-22 CVE-2015-7310 McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file. Enterprise_security_manager, Enterprise_security_manager\/log_manager, Enterprise_security_manager\/receiver N/A