Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:MCAFEE-AM-INPUT
Severity	Major
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	McAfee Asset Manager ReportsAudit.jsp Input Validation Error (HTTP)
Release Date	2014/05/08
Update Number	2372
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: McAfee Asset Manager ReportsAudit.jsp Input Validation Error (HTTP)

This signature detects attempts to exploit an input validation vulnerability in the ReportsAudit.jsp file in McAfee Asset Manager. Attackers can submit a malicious request to execute arbitrary commands.

Extended Description

SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).

Affected Products

Mcafee asset_manager 6.6

References

BugTraq: 66302
CVE: CVE-2014-2587

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: McAfee Asset Manager ReportsAudit.jsp Input Validation Error (HTTP)

Extended Description

Affected Products

References