Detections
Analytics
McAfee ePolicy Orchestrator Insufficient Transport Layer Protection (SB10286)
medium Nessus Plugin ID 127115
Language:
Synopsis
The remote host is affected by insufficient transport layer protection.Description
The remote host is running a version of McAfee ePolicy Orchestrator that is affected by insufficient transport layer protection. The ePO Agent Handler can incorrectly revert to plain text communication with the configured SQL server. A remote, unauthenticated attacker could exploit this to view sensitives information by sniffing the communication between the ePO Agent Handler and the SQL server.Solution
Upgrade to ePO 5.9.1 HF1267793 / 5.10.0 Update 4 or later.See Also
https://kc.mcafee.com/corporate/index?page=content&id=SB10286
Plugin Details
Severity: Medium
ID: 127115
File Name: mcafee_epo_sb10286.nasl
Version: 1.5
Type: local
Agent: windows
Family: Misc.
Published: 8/5/2019
Updated: 10/23/2020
Configuration: Enable paranoid mode
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS Score Source: CVE-2019-3619
CVSS v3
Risk Factor: Medium
Base Score: 4.9
Temporal Score: 4.3
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:mcafee:epolicy_orchestrator
Required KB Items: Settings/ParanoidReport, SMB/mcafee_epo/Path, SMB/mcafee_epo/ver
Exploit Ease: No known exploits are available
Patch Publication Date: 7/2/2019
Vulnerability Publication Date: 7/2/2019
Reference Information
CVE: CVE-2019-3619
BID: 109066
IAVA: 2019-A-0273-S
MCAFEE-SB: SB10286