What is the severity of CVE-2015-7310?

CVE-2015-7310 has a high severity rating due to its potential for remote code execution affecting McAfee Enterprise Security Manager products.

How do I fix CVE-2015-7310?

To fix CVE-2015-7310, upgrade to versions 9.3.2MR18, 9.4.2MR8, or 9.5.0MR7 or later of McAfee Enterprise Security Manager.

What are the affected versions for CVE-2015-7310?

Affected versions for CVE-2015-7310 include McAfee Enterprise Security Manager prior to 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7.

Who can exploit CVE-2015-7310?

CVE-2015-7310 can be exploited by remote authenticated users who can execute arbitrary OS commands via crafted file names.

What products are impacted by CVE-2015-7310?

Products impacted by CVE-2015-7310 include McAfee Enterprise Security Manager, Log Manager, and Receiver versions affected prior to the respective fixed releases.

Vulnerability/
CVE-2015-7310

medium

6.5

CWE

22/9/2015

6/8/2024

CVE-2015-7310: OS Command Injection

First published: Tue Sep 22 2015(Updated: )

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
HP Enterprise Security Manager	<=9.3.2
HP Enterprise Security Manager	<=9.4.2
HP Enterprise Security Manager	<=9.5.0
McAfee Enterprise Security Manager	<=9.3.2
McAfee Enterprise Security Manager	<=9.4.2
McAfee Enterprise Security Manager	<=9.5.0
McAfee Enterprise Security Manager	<=9.3.2
McAfee Enterprise Security Manager	<=9.4.2
McAfee Enterprise Security Manager	<=9.5.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-7310?
CVE-2015-7310 has a high severity rating due to its potential for remote code execution affecting McAfee Enterprise Security Manager products.
How do I fix CVE-2015-7310?
To fix CVE-2015-7310, upgrade to versions 9.3.2MR18, 9.4.2MR8, or 9.5.0MR7 or later of McAfee Enterprise Security Manager.
What are the affected versions for CVE-2015-7310?
Affected versions for CVE-2015-7310 include McAfee Enterprise Security Manager prior to 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7.
Who can exploit CVE-2015-7310?
CVE-2015-7310 can be exploited by remote authenticated users who can execute arbitrary OS commands via crafted file names.
What products are impacted by CVE-2015-7310?
Products impacted by CVE-2015-7310 include McAfee Enterprise Security Manager, Log Manager, and Receiver versions affected prior to the respective fixed releases.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mcafee
canonical/hp enterprise security manager
version/hp enterprise security manager/9.3.2
version/hp enterprise security manager/9.4.2
version/hp enterprise security manager/9.5.0
canonical/mcafee enterprise security manager
version/mcafee enterprise security manager/9.3.2
version/mcafee enterprise security manager/9.4.2
version/mcafee enterprise security manager/9.5.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.