McAfee ePolicy Orchestrator CSV File Handling Arbitrary Command Execution (SB10227)

Medium Nessus Plugin ID 110813

Synopsis

The remote host is affected by arbitrary command execution.

Description

The remote host is running a version of McAfee ePolicy Orchestrator that contains a flaw that is triggered as user-supplied input passed via CSV files is not properly sanitized. This may allow a context- dependent attacker to potentially execute arbitrary commands.

Solution

Upgrade to ePO 5.9.1 or later.

See Also

http://www.nessus.org/u?5cec3a9e

Plugin Details

Severity: Medium

ID: 110813

File Name: mcafee_epo_sb10227.nasl

Version: 1.2

Type: local

Family: Misc.

Published: 2018/06/29

Modified: 2018/08/10

Dependencies: 67119

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Vector: CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:P

CVSSv3

Base Score: 5.4

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/a:mcafee:epolicy_orchestrator

Required KB Items: SMB/mcafee_epo/Path, SMB/mcafee_epo/ver

Patch Publication Date: 2017/11/30

Vulnerability Publication Date: 2017/07/26

Reference Information

CVE: CVE-2017-3936

CERT: 978508

MCAFEE-SB: SB10227