CVE-2012-4594

medium

Trellix

CVSS v3 Base Score

4.0

AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS Score

0.2%

Exploitation probability in 30 days

Top 64% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: August 22, 2012 (5013 days ago)

Last Modified: April 29, 2026

Vendor: Trellix

Source: NVD

Description

McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.

CWE

CWE-264

Affected Products

mcafee epolicy orchestrator

References

🔗 exchange.xforce.ibmcloud.com 🔗 kc.mcafee.com 🔗 exchange.xforce.ibmcloud.com 🔗 kc.mcafee.com

CVE-2012-4594

Vulnerability Report

Description

CWE

Affected Products

References