Vulnerabilities > Mcafee > Epolicy Orchestrator > 5.9.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-3619 | Cleartext Transmission of Sensitive Information vulnerability in Mcafee Epolicy Orchestrator 5.10.0/5.9.0/5.9.1 Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server. | 4.9 |
| 2019-04-23 | CVE-2019-2602 | Resource Exhaustion vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 7.5 |
| 2018-06-15 | CVE-2018-6672 | Information Exposure vulnerability in Mcafee Epolicy Orchestrator Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors. | 6.5 |
| 2018-06-15 | CVE-2018-6671 | Unspecified vulnerability in Mcafee Epolicy Orchestrator Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request. | 6.5 |
| 2017-05-18 | CVE-2017-3980 | Path Traversal vulnerability in Mcafee Epolicy Orchestrator A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | 6.5 |