CVE-2017-4054

Summary

Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.

Affected Software

VendorProductVersion RangeStatus
McAfeeAdvanced Threat Defense (ATD)3.10affected
McAfeeAdvanced Threat Defense (ATD)3.8affected
McAfeeAdvanced Threat Defense (ATD)3.6affected

Weaknesses

  • Command Injection vulnerability

ADP Enrichment

CVE Program Container

Additional References

References