CVE-2017-4053

Summary

Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.

Affected Software

VendorProductVersion RangeStatus
McAfeeAdvanced Threat Defense (ATD)3.10affected
McAfeeAdvanced Threat Defense (ATD)3.8affected
McAfeeAdvanced Threat Defense (ATD)3.6affected
McAfeeAdvanced Threat Defense (ATD)3.5affected

Weaknesses

  • Command Injection vulnerability

ADP Enrichment

CVE Program Container

Additional References

References