CVE-2013-0140

high

Trellix

CVSS v3 Base Score

7.9

AV:A/AC:M/Au:N/C:C/I:C/A:C

EPSS Score

3.8%

Exploitation probability in 30 days

Top 12% most likely to be exploited

Attack Characteristics

Attack Vector

Adjacent

Attack Complexity

Confidentiality

Integrity

Availability

Published: May 1, 2013 (4761 days ago)

Last Modified: April 29, 2026

Vendor: Trellix

Source: NVD

Description

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

CWE

CWE-89

Affected Products

mcafee epolicy orchestrator

References

🔗 seclists.org 🔗 www.kb.cert.org 🔗 www.securityfocus.com 🔗 www.us-cert.gov 🔗 kc.mcafee.com

CVE-2013-0140

Vulnerability Report

Description

CWE

Affected Products

References