CVE-2015-2053

Currently unrated

Key Information:

Vendor: Mcafee
Status: Mcafee Agent
Vendor: CVE Published:; 23 February 2015

Summary

The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an "http-generic-click-jacking" vulnerability.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1031821

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/74873

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 23, 2015
Vulnerability Reserved
Feb 23, 2015