Arbitrary File Upload Vulnerability in McAfee ePolicy Orchestrator (ePO)

Arbitrary File Upload Vulnerability in McAfee ePolicy Orchestrator (ePO)

CVE-2013-0141 · MEDIUM Severity

AV:A/AC:M/AU:N/C:P/I:P/A:N

Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory.

Learn more about our Cis Benchmark Audit For Server Software.