cvedb.io
CVE-2017-3907
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2018-06-13T21:29:00.220 · Last modified 2026-06-17T01:19:09.573

Summary

Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.

Affected products

mcafee — mcafee_threat_intelligence_exchange

Does this affect you?

Add your gear to cvedb and we'll alert you only when mcafee ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.