CVE-2014-2587

N/A Unknown

Published: March 24, 2014 Modified: May 06, 2026

Description

SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.com/files/125775/McAfee-Cloud-SSO-Asset-Manager-Issues.html

Source: cve@mitre.org

Exploit

http://seclists.org/fulldisclosure/2014/Mar/325

Source: cve@mitre.org

Exploit

http://www.exploit-db.com/exploits/32368

Source: cve@mitre.org

Exploit

http://www.osvdb.org/104634

Source: cve@mitre.org

http://www.securityfocus.com/bid/66302

Source: cve@mitre.org

http://www.securitytracker.com/id/1029927

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/91929

Source: cve@mitre.org

http://packetstormsecurity.com/files/125775/McAfee-Cloud-SSO-Asset-Manager-Issues.html