CVE-2015-7310

medium

Trellix

CVSS v3 Base Score

6.5

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS Score

0.5%

Exploitation probability in 30 days

Top 35% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: September 22, 2015 (3888 days ago)

Last Modified: May 6, 2026

Vendor: Trellix

Source: NVD

Description

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file.

CWE

CWE-78

Affected Products

mcafee enterprise security managermcafee enterprise security manager\/log managermcafee enterprise security manager\/receiver

References

🔗 www.securitytracker.com 🔗 kc.mcafee.com 🔗 www.securitytracker.com 🔗 kc.mcafee.com

CVE-2015-7310

Vulnerability Report

Description

CWE

Affected Products

References