Vulnerability Details CVE-2017-4054
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2017-4054
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.10
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.8