RCE in Mcafee Enterprise_security_manager

CVE-2015-7310

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated user…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.005 (65.8th percentile) — read the EPSS interpretation.

Affected products

Mcafee Enterprise_security_manager
Mcafee Enterprise_security_manager\/log_manager
Mcafee Enterprise_security_manager\/receiver
N/a — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
1033654 (vdb-entry, x_refsource_SECTRACK)