McAfee ePolicy Orchestrator Multiple Vulnerabilities
Release Date:
25 Oct 2021
5088
Views
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in McAfee EPolicy Orchestrator, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and cross-site scripting on the targeted system.
Notes:
- Proof Of Concept Exploit Code Is Publicly Available for CVE-2021-23840
Impact
- Cross-Site Scripting
- Information Disclosure
- Denial of Service
- Data Manipulation
System / Technologies affected
- Version ePO 5.10 prior to CU 11
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
Update to version ePO 5.10 CU 11
Vulnerability Identifier
- CVE-2021-2161
- CVE-2021-2432
- CVE-2021-3712
- CVE-2021-23840
- CVE-2021-30639
- CVE-2021-31834
- CVE-2021-31835
- CVE-2021-33037
Source
Related Link
Related Tags
Share with