Vulnerabilities > Mcafee > Asset Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2014-03-24 CVE-2014-2588 Path Traversal vulnerability in Mcafee Asset Manager 6.6
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a ..
network
low complexity
mcafee CWE-22
4.0
4.0
2014-03-24 CVE-2014-2587 SQL Injection vulnerability in Mcafee Asset Manager 6.6
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).
network
low complexity
mcafee CWE-89
6.5
6.5