Directory Traversal Vulnerability in McAfee ePolicy Orchestrator
CVE-2017-3980

7.2HIGH

Key Information:

Vendor: Mcafee
Status: Epolicy Orchestrator (epo)
Vendor: CVE Published:; 18 May 2017

What is CVE-2017-3980?

A directory traversal vulnerability exists in the ePO Extension of McAfee ePolicy Orchestrator, allowing remote authenticated users to exploit this flaw. By leveraging an authenticated ePO session, attackers can execute arbitrary commands on the system, potentially leading to unauthorized access and control over the affected environment. This type of vulnerability raises significant security concerns, necessitating prompt action for affected users to mitigate associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ePolicy Orchestrator (ePO) 5.9.0 and earlier

ePolicy Orchestrator (ePO) 5.3.2 and earlier

ePolicy Orchestrator (ePO) 5.1.3 and earlier

References

http://www.securityfocus.com/bid/98559

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 18, 2017
Vulnerability Reserved
Dec 26, 2016

JSON

Mcafee

What is CVE-2017-3980?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.