What is the severity of CVE-2013-4883?

CVE-2013-4883 has a medium severity rating due to the potential for cross-site scripting attacks.

How do I fix CVE-2013-4883?

To fix CVE-2013-4883, upgrade the McAfee ePolicy Orchestrator to version 4.6.7 or later.

What are the potential impacts of exploiting CVE-2013-4883?

Exploiting CVE-2013-4883 could allow attackers to execute arbitrary script code in the context of the user's browser.

Which versions of McAfee ePolicy Orchestrator are affected by CVE-2013-4883?

CVE-2013-4883 affects McAfee ePolicy Orchestrator 4.6.6 and earlier versions.

Is McAfee Agent impacted by CVE-2013-4883?

Yes, the ePO Extension for the McAfee Agent versions 4.5 through 4.6 are affected by CVE-2013-4883.

Vulnerability/
CVE-2013-4883

medium

4.3

CWE

21/7/2013

6/8/2024

CVE-2013-4883: XSS

First published: Sun Jul 21 2013(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePO Extension for the McAfee Agent (MA) 4.5 through 4.6, allow remote attackers to inject arbitrary web script or HTML via the (1) instanceId parameter core/loadDisplayType.do; (2) instanceId or (3) monitorUrl parameter to console/createDashboardContainer.do; uid parameter to (4) ComputerMgmt/sysDetPanelBoolPie.do or (5) ComputerMgmt/sysDetPanelSummary.do; (6) uid, (7) orion.user.security.token, or (8) ajaxMode parameter to ComputerMgmt/sysDetPanelQry.do; or (9) uid, (10) orion.user.security.token, or (11) ajaxMode parameter to ComputerMgmt/sysDetPanelSummary.do.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
McAfee ePolicy Orchestrator	<=4.6.6
McAfee ePolicy Orchestrator	=4.6.0
McAfee ePolicy Orchestrator	=4.6.1
McAfee ePolicy Orchestrator	=4.6.2
McAfee ePolicy Orchestrator	=4.6.3
McAfee ePolicy Orchestrator	=4.6.4
McAfee ePolicy Orchestrator	=4.6.5
Trellix ePolicy Orchestrator	=4.5
Trellix ePolicy Orchestrator	=4.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4883?
CVE-2013-4883 has a medium severity rating due to the potential for cross-site scripting attacks.
How do I fix CVE-2013-4883?
To fix CVE-2013-4883, upgrade the McAfee ePolicy Orchestrator to version 4.6.7 or later.
What are the potential impacts of exploiting CVE-2013-4883?
Exploiting CVE-2013-4883 could allow attackers to execute arbitrary script code in the context of the user's browser.
Which versions of McAfee ePolicy Orchestrator are affected by CVE-2013-4883?
CVE-2013-4883 affects McAfee ePolicy Orchestrator 4.6.6 and earlier versions.
Is McAfee Agent impacted by CVE-2013-4883?
Yes, the ePO Extension for the McAfee Agent versions 4.5 through 4.6 are affected by CVE-2013-4883.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/first-publish-date
agent/description
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mcafee
canonical/mcafee epolicy orchestrator
version/mcafee epolicy orchestrator/4.6.6
version/mcafee epolicy orchestrator/4.6.0
version/mcafee epolicy orchestrator/4.6.1
version/mcafee epolicy orchestrator/4.6.2
version/mcafee epolicy orchestrator/4.6.3
version/mcafee epolicy orchestrator/4.6.4
version/mcafee epolicy orchestrator/4.6.5
canonical/trellix epolicy orchestrator
version/trellix epolicy orchestrator/4.5
version/trellix epolicy orchestrator/4.6