Skip to main content

Enterprise Mobility Manager

7 CVEs product

Monthly

CVE-2017-14651 MEDIUM POC PATCH This Month

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Api Manager App Manager Application Server Business Process Server +13
NVD GitHub
CVSS 3.1
4.8
EPSS
3.7%
CVE-2012-4592 MEDIUM This Month

The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-4591 MEDIUM This Month

About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-4590 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Enterprise Mobility Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4589 LOW Monitor

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-4588 MEDIUM This Month

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Authentication Bypass Enterprise Mobility Manager Enterprise Mobility Manager Agent
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-4587 LOW Monitor

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Apple Enterprise Mobility Manager Enterprise Mobility Manager Agent
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 4% CVSS 4.8
MEDIUM POC PATCH This Month

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Api Manager App Manager +15
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM This Month

The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Enterprise Mobility Manager
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise Mobility Manager
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Authentication Bypass Enterprise Mobility Manager +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Apple Enterprise Mobility Manager +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy