CVE-2017-3907

Summary

Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.

Affected Software

VendorProductVersion RangeStatus
McAfeeThreat Intelligence Exchange (TIE) Server2.1.0 < 2.1.0 Hotfix 1affected

Weaknesses

  • Code Injection vulnerability

ADP Enrichment

CVE Program Container

Additional References

References