What is the severity of CVE-2015-7310?

CVE-2015-7310 has a high severity rating due to its potential for remote code execution affecting McAfee Enterprise Security Manager products.

How do I fix CVE-2015-7310?

To fix CVE-2015-7310, upgrade to versions 9.3.2MR18, 9.4.2MR8, or 9.5.0MR7 or later of McAfee Enterprise Security Manager.

What are the affected versions for CVE-2015-7310?

Affected versions for CVE-2015-7310 include McAfee Enterprise Security Manager prior to 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7.

Who can exploit CVE-2015-7310?

CVE-2015-7310 can be exploited by remote authenticated users who can execute arbitrary OS commands via crafted file names.

What products are impacted by CVE-2015-7310?

Products impacted by CVE-2015-7310 include McAfee Enterprise Security Manager, Log Manager, and Receiver versions affected prior to the respective fixed releases.

Vulnerability/
CVE-2015-7310

medium

6.5

CWE

22/9/2015

6/8/2024

CVE-2015-7310: OS Command Injection

First published: Tue Sep 22 2015(Updated: )

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
McAfee Enterprise Security Manager	<=9.3.2
McAfee Enterprise Security Manager	<=9.4.2
McAfee Enterprise Security Manager	<=9.5.0
Mcafee Enterprise Security Manager\/log Manager	<=9.3.2
Mcafee Enterprise Security Manager\/log Manager	<=9.4.2
Mcafee Enterprise Security Manager\/log Manager	<=9.5.0
Mcafee Enterprise Security Manager\/receiver	<=9.3.2
Mcafee Enterprise Security Manager\/receiver	<=9.4.2
Mcafee Enterprise Security Manager\/receiver	<=9.5.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-7310?
CVE-2015-7310 has a high severity rating due to its potential for remote code execution affecting McAfee Enterprise Security Manager products.
How do I fix CVE-2015-7310?
To fix CVE-2015-7310, upgrade to versions 9.3.2MR18, 9.4.2MR8, or 9.5.0MR7 or later of McAfee Enterprise Security Manager.
What are the affected versions for CVE-2015-7310?
Affected versions for CVE-2015-7310 include McAfee Enterprise Security Manager prior to 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7.
Who can exploit CVE-2015-7310?
CVE-2015-7310 can be exploited by remote authenticated users who can execute arbitrary OS commands via crafted file names.
What products are impacted by CVE-2015-7310?
Products impacted by CVE-2015-7310 include McAfee Enterprise Security Manager, Log Manager, and Receiver versions affected prior to the respective fixed releases.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/description
agent/event
agent/tags
agent/first-publish-date
agent/source
vendor/mcafee
canonical/mcafee enterprise security manager
version/mcafee enterprise security manager/9.3.2
version/mcafee enterprise security manager/9.4.2
version/mcafee enterprise security manager/9.5.0
canonical/mcafee enterprise security manager\/log manager
version/mcafee enterprise security manager\/log manager/9.3.2
version/mcafee enterprise security manager\/log manager/9.4.2
version/mcafee enterprise security manager\/log manager/9.5.0
canonical/mcafee enterprise security manager\/receiver
version/mcafee enterprise security manager\/receiver/9.3.2
version/mcafee enterprise security manager\/receiver/9.4.2
version/mcafee enterprise security manager\/receiver/9.5.0