本ページは mcafee enterprise_security_manager に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-3644 | McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies. | [email protected] | 7.5 | 0.46% | 2019-09-11 | 2024-11-21 |
| CVE-2019-3643 | McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies. | [email protected] | 5.3 | 0.45% | 2019-09-11 | 2024-11-21 |
| CVE-2019-3632 | Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input. | [email protected] | 8.8 | 1.29% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3631 | Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. | [email protected] | 7.2 | 2.15% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3630 | Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. | [email protected] | 7.2 | 2.15% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3629 | Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters. | [email protected] | 6.5 | 1.16% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3628 | Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control. | [email protected] | 8.8 | 0.60% | 2019-06-27 | 2024-11-21 |
| CVE-2015-7704 | The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | [email protected] | 7.5 | 21.46% | 2017-08-07 | 2026-05-13 |
| CVE-2015-7310 | McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file. | [email protected] | 6.5 | 0.48% | 2015-09-22 | 2026-05-06 |