How severe is CVE-2018-6672?

Medium severity. CVSS v3 base score is 5.7 out of 10.

Vulnerability in Mcafee Epolicy Orchestrator (Epo)

CVE-2018-6672

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

EPSS: 0.005 (68.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.7 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N.

Affected products

Mcafee Epolicy Orchestrator (Epo) — versions 5.3.0 through 5.3.3, 5.9.0 through 5.9.1

References

104485 (vdb-entry, x_refsource_BID)
kc.mcafee.com/corporate/index (x_refsource_CONFIRM)
1041155 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-6672?: CVE-2018-6672 is a medium-severity vulnerability in Mcafee Epolicy Orchestrator (Epo). CVSS score: 5.7/10. Published 2018-06-15.
How severe is CVE-2018-6672?: Medium severity. CVSS v3 base score is 5.7 out of 10.