CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mcafee: >> Asset Manager >> 6.6 Security Vulnerabilities

CVE-2014-2587

SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).

CVSS Score

6.5

EPSS Score

0.057

Published

2014-03-24

CVE-2014-2588

Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.

CVSS Score

4.0

EPSS Score

0.191

Published

2014-03-24

Page 1

Vulnerabilities

Vulnerable Software

Mcafee: >> Asset Manager >> 6.6 Security Vulnerabilities

Products

Pricing

Contact Us