McAfee ePolicy Orchestrator Java Object Deserialization RCE
Critical Nessus Plugin ID 88624
Synopsis
A security management application installed on the remote Windows host is affected by a remote code execution vulnerability.
Description
The McAfee ePolicy Orchestrator (ePO) installed on the remote Windows host is affected by a remote code execution vulnerability due to unsafe deserialization of Java objects supplied by unauthenticated clients, which reach the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the target host.
Solution
Upgrade to McAfee ePO version 5.1.3 / 5.3.1 and then apply hotfix EPO5xHF1106041.zip. A patch for ePO version 5.1.4 is scheduled to be released in Q2 of 2016.