What is CVE-2013-0141?

CVE-2013-0141 is a vulnerability in Mcafee Epolicy_orchestrator, classified under Path Traversal. Published 2013-05-01.

Is CVE-2013-0141 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Mcafee Epolicy_orchestrator

CVE-2013-0141

Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.004 (62.4th percentile) — read the EPSS interpretation.

Affected products

Mcafee Epolicy_orchestrator — versions 2.0, 2.5, 2.5.1
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

funoverip/epowner

References

VU#209131 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
TA13-193A (x_refsource_CERT, third-party-advisory)
20140427 Re: Exploit: McAfee ePolicy 0wner (ePowner ) Ã¢â¬â Release (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2013-0141?: CVE-2013-0141 is a vulnerability in Mcafee Epolicy_orchestrator, classified under Path Traversal. Published 2013-05-01.
Is CVE-2013-0141 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.