CVE-2014-2587

Currently unrated

Key Information:

Vendor: Mcafee
Status: Asset Manager
Vendor: CVE Published:; 24 March 2014

Summary

SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).

References

http://packetstormsecurity.com/files/125775/McAfee-Cloud-...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/91929

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/66302

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 24, 2014
Vulnerability Reserved
Mar 23, 2014