Vulnerabilities > Mcafee > Enterprise Security Manager > High

DATE CVE VULNERABILITY TITLE RISK
2019-09-11 CVE-2019-3644 Unspecified vulnerability in Mcafee products
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service.
network
low complexity
mcafee
7.5
2019-09-11 CVE-2019-3643 Unspecified vulnerability in Mcafee products
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service.
network
low complexity
mcafee
7.5
2019-06-27 CVE-2019-3632 Path Traversal vulnerability in Mcafee Enterprise Security Manager
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
network
low complexity
mcafee CWE-22
8.8
2019-06-27 CVE-2019-3631 OS Command Injection vulnerability in Mcafee Enterprise Security Manager
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
network
low complexity
mcafee CWE-78
7.2
2019-06-27 CVE-2019-3630 OS Command Injection vulnerability in Mcafee Enterprise Security Manager
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
network
low complexity
mcafee CWE-78
7.2
2019-06-27 CVE-2019-3628 Unspecified vulnerability in Mcafee Enterprise Security Manager
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
network
low complexity
mcafee
8.8
2017-08-07 CVE-2015-7704 Improper Input Validation vulnerability in multiple products
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
network
low complexity
ntp debian netapp redhat mcafee citrix CWE-20
7.5