Rapid7 Vulnerability & Exploit Database

McAfee Endpoint Security Platform: CVE-2020-7332: Endpoint security for windows update fixes three vulnerabilities (SB10335)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

McAfee Endpoint Security Platform: CVE-2020-7332: Endpoint security for windows update fixes three vulnerabilities (SB10335)

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

11/12/2020

Created

11/18/2020

Added

11/17/2020

Modified

12/21/2020

Description

Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.

Solution(s)

mcafee-endpoint-security-platform-upgrade-10-6-1-2182
mcafee-endpoint-security-platform-upgrade-10-7-0-2174

References

https://attackerkb.com/topics/cve-2020-7332
CVE - 2020-7332
SB10335

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

McAfee Endpoint Security Platform: CVE-2020-7332: Endpoint security for windows update fixes three vulnerabilities (SB10335)

McAfee Endpoint Security Platform: CVE-2020-7332: Endpoint security for windows update fixes three vulnerabilities (SB10335)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.