PT-2020-19561 · Mcafee · Mcafee Endpoint Security
Published
2020-11-12
·
Updated
2023-11-16
·
CVE-2020-7332
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
McAfee Endpoint Security (ENS) versions prior to 10.7.0 November 2020 Update
Description
The issue is related to a Cross Site Request Forgery vulnerability in the firewall ePO extension, allowing an attacker to execute arbitrary HTML code due to incorrect security configuration.
Recommendations
For versions prior to 10.7.0 November 2020 Update, update to the November 2020 Update or later to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mcafee Endpoint Security