CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31842

XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.6%

CVSS Severity

CVSS v3 Score 5.0

CVSS v2 Score 2.1

References

Products affected by CVE-2021-31842

Mcafee » Endpoint Security » Version: 10.5.0

cpe:2.3:a:mcafee:endpoint_security:10.5.0
Mcafee » Endpoint Security » Version: 10.5.1

cpe:2.3:a:mcafee:endpoint_security:10.5.1
Mcafee » Endpoint Security » Version: 10.5.2

cpe:2.3:a:mcafee:endpoint_security:10.5.2
Mcafee » Endpoint Security » Version: 10.5.3

cpe:2.3:a:mcafee:endpoint_security:10.5.3
Mcafee » Endpoint Security » Version: 10.5.4

cpe:2.3:a:mcafee:endpoint_security:10.5.4
Mcafee » Endpoint Security » Version: 10.5.5

cpe:2.3:a:mcafee:endpoint_security:10.5.5
Mcafee » Endpoint Security » Version: 10.6.0

cpe:2.3:a:mcafee:endpoint_security:10.6.0
Mcafee » Endpoint Security » Version: 10.6.1

cpe:2.3:a:mcafee:endpoint_security:10.6.1
Mcafee » Endpoint Security » Version: 10.7.0

cpe:2.3:a:mcafee:endpoint_security:10.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31842

Products

Pricing

Contact Us