Vulnerabilities > Mcafee > Cloud Single Sign ON

DATE CVE VULNERABILITY TITLE RISK
2014-03-24 CVE-2014-2586 Cross-Site Scripting vulnerability in Mcafee Cloud Single Sign ON
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote attackers to inject arbitrary web script or HTML via a crafted password.
network
mcafee CWE-79
4.3
2014-03-18 CVE-2014-2536 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
network
intel mcafee CWE-22
4.3