XML External Entity (XXE) Vulnerability in McAfee ePolicy Orchestrator (ePO) Server Task Log
CVE-2015-0921 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.
Learn more about our Cis Benchmark Audit For Server Software.