cvedb.io
CVE-2022-1258
HIGH · CVSS 8.4
EPSS exploitation probability: 0%
Published 2022-04-14T15:15:08.067 · Last modified 2026-06-17T04:22:06.317

Summary

A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.

Affected products

mcafee — agent

Does this affect you?

Add your gear to cvedb and we'll alert you only when mcafee ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.