McAfee ePolicy Orchestrator sérülékenységek

Típus: Hírek
Publikálva: 15/06/2018
A két felfedezett és javított sérülékenység:
- CVE-2018-6671 (CVSS: 4.7; Severity: Medium) - Application protections bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.
- CVE-2018-6672 (CVSS: 5.7; Severity: Medium) - Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

A javítást már tartalmazó ePo verziók:
- 5.9.1  EPO5xHF1229850
- 5.3.3  EPO5xHF1229850


A teljes cikk elérhető az alábbi linken:
https://kc.mcafee.com/corporate/index?page=content&id=SB10240


Kapcsolat

+36 1 371 2 370
mcafee.ecs.hu@arrow.com

 CL Social Media Icon - Facebook 40px CL Social Media Icon - Twitter 40px CL Social Media Icon - Blog 40px  YouTube_40  McAfee_SDS_badge