McAfee ePolicy Orchestrator 5.1.x < 5.1.3 HF1193124 / 5.3.x < 5.3.1 HF1194398 / 5.3.2 < 5.3.2 HF1193123 / 5.9.x < 5.9.0 HF1193951 Path Traversal RCE (SB10196)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A security management application installed on the remote Windows
host is affected by a remote code execution vulnerability.

Description :

The version of McAfee ePolicy Orchestrator (ePO) installed on the
remote Windows host is 5.1.x prior to 5.1.3 hotfix 1193124, 5.3.x
prior to 5.3.1 hotfix 1194398, 5.3.2 prior to 5.3.2 hotfix 1193123, or
5.9.x prior to 5.9.0 hotfix 1193951. It is affected by a remote
command execution vulnerability due to improper sanitization of
user-supplied input. An authenticated, remote attacker can exploit
this, via a specially crafted request that uses directory traversal,
to execute arbitrary commands.

See also :

https://kc.mcafee.com/corporate/index?page=content&id=SB10196

Solution :

Upgrade to McAfee ePO version 5.1.3 hotfix 1193124 / 5.3.1 hotfix
1194398 / 5.3.2 hotfix 1193123 / 5.9.0 hotfix 1193951 or later.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 100572 ()

Bugtraq ID: 98559

CVE ID: CVE-2017-3980

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now