McAfee ePolicy Orchestrator 4.x < 4.6.9 / 5.x < 5.1.2 Multiple Vulnerabilities (SB10095)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.

Synopsis :

A security management application installed on the remote host is
affected by multiple vulnerabilities.

Description :

The version of McAfee ePolicy Orchestrator (ePO) installed on the
remote Windows host is 4.x prior to 4.6.9 or 5.x prior to 5.1.2. It
is, therefore, affected by multiple vulnerabilities :

- An XXE (XML External Entity) injection vulnerability
exists in the Server Task Log due to an incorrectly
configured XML parser accepting XML external entities
from an untrusted source. A remote, authenticated
attacker, by sending specially crafted XML data via the
'conditionXML' parameter, can gain access to arbitrary
files. (CVE-2015-0921)

- An information disclosure vulnerability exists due to
the use of a shared secret key to encrypt password
information. A remote attacker with knowledge of the key
can decrypt the administrator password. (CVE-2015-0922)

Solution :

Upgrade to McAfee ePO version 4.6.9 / 5.1.2 or later, or apply the
vendor-supplied workaround.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 81106

Bugtraq ID: 71881

CVE ID: CVE-2015-0921
