CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7329

Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully constructed XML files loaded by an ePO administrator.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.6%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10334
https://kc.mcafee.com/corporate/index?page=content&id=SB10334

Products affected by CVE-2020-7329

Mcafee » Mvision Endpoint » Version: N/A

cpe:2.3:a:mcafee:mvision_endpoint:-
Mcafee » Mvision Endpoint » Version: 18.11.31.62

cpe:2.3:a:mcafee:mvision_endpoint:18.11.31.62
Mcafee » Mvision Endpoint » Version: 20.5.0.94

cpe:2.3:a:mcafee:mvision_endpoint:20.5.0.94
Mcafee » Mvision Endpoint » Version: 20.7

cpe:2.3:a:mcafee:mvision_endpoint:20.7
Mcafee » Mvision Endpoint » Version: 20.9

cpe:2.3:a:mcafee:mvision_endpoint:20.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7329

Products

Pricing

Contact Us