McAfee ePolicy Orchestrator 5.1.x < 5.1.3 HF1167014 / 5.3.x < 5.3.1 HF1179709 / 5.3.x < 5.3.2 HF1167013 Blind SQL Injection (SB10187)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a blind SQL injection
vulnerability.

Description :

The remote Windows host is running a version of McAfee ePolicy
Orchestrator 5.1.x prior to 5.1.3 hotfix 1167014, 5.3.x prior to 5.3.1
hotfix 1179709, or 5.3.x prior to 5.3.2 hotfix 1167013. It is,
therefore, affected by a blind SQL injection vulnerability in the
ePolicy Orchestrator (ePO) Core Services component due to a failure to
properly sanitize user-supplied input to unspecified parameters. An
unauthenticated, remote attacker can exploit this vulnerability, via a
specially crafted HTTP POST request, to inject or manipulate SQL
queries, resulting in the disclosure or manipulation of arbitrary
data.

See also :

https://kc.mcafee.com/corporate/index?page=content&id=SB10187
http://www.talosintelligence.com/reports/TALOS-2016-0229/

Solution :

Upgrade to McAfee ePO version 5.1.3 hotfix 1167014 / 5.3.1 hotfix
1179709 / 5.3.2 hotfix 1167013 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 97352 ()

Bugtraq ID: 95981

CVE ID: CVE-2016-8027

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now