CVE-2019-3604

Summary

Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCePolicy Orchestrator Cloudunspecified < Currentaffected

Weaknesses

  • Cross Site Request Forgery (aka Session Riding) vulnerability

ADP Enrichment

CVE Program Container

Additional References

References