CVE-2012-4594
EUVD-2012-451922.08.2012, 10:42
McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mcafee | epolicy_orchestrator | 𝑥 ≤ 4.6.1 |
| mcafee | epolicy_orchestrator | 2.0 |
| mcafee | epolicy_orchestrator | 2.5 |
| mcafee | epolicy_orchestrator | 2.5:sp1 |
| mcafee | epolicy_orchestrator | 2.5.1 |
| mcafee | epolicy_orchestrator | 3.0 |
| mcafee | epolicy_orchestrator | 3.0:sp2a |
| mcafee | epolicy_orchestrator | 3.5.0 |
| mcafee | epolicy_orchestrator | 3.6.0 |
| mcafee | epolicy_orchestrator | 3.6.1 |
| mcafee | epolicy_orchestrator | 4.0 |
| mcafee | epolicy_orchestrator | 4.5.0 |
| mcafee | epolicy_orchestrator | 4.6.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration