Mcafee Policy Auditor
Approved changes feed: RSS · Atom
cpe:2.3:a:mcafee,llc:mcafee_policy_auditor:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mcafee,Llc (a07eec98-d34c-5045-9a0e-859fd3b6002d) |
|---|---|
| Product | Mcafee Policy Auditor (1ec4b237-7afc-52ed-aed3-dd41070d003d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-31852 |
vulnerable | 2026-06-03 14:44:33.631448 |
Cross-Site Scripting vulnerability in Policy Auditor
MEDIUM (6.1)
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based interface which could lead to the extract of end user session token or login credentials. These may be used to access additional security-critical applications or conduct arbitrary cross-domain requests.
Published: 2021-11-23T19:16:50.000Z
Updated: 2024-08-03T23:10:30.288Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31851 |
vulnerable | 2026-06-03 14:44:33.630422 |
Cross-Site Scripting vulnerability in Policy Auditor
MEDIUM (6.1)
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Auditor web-based interface which could lead to the extraction of end user session token or login credentials. These may be used to access additional security-critical applications or conduct arbitrary cross-domain requests.
Published: 2021-11-23T19:16:57.000Z
Updated: 2024-08-03T23:10:30.830Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.