SB10240 - ePolicy Orchestrator (ePO) - Information disclosure vulnerablity
CVE-2018-6672

5.7MEDIUM

Key Information:

Vendor: Mcafee
Status: Epolicy Orchestrator (epo)
Vendor: CVE Published:; 15 June 2018

What is CVE-2018-6672?

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

Affected Version(s)

ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 < 5.3.3 with hotfix EPO5xHF1229850

ePolicy Orchestrator (ePO) 5.9.0 through 5.9.1 < 5.9.1 with hotfix EPO5xHF1229850

References

http://www.securityfocus.com/bid/104485

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1041155

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2018
Vulnerability Reserved
Feb 6, 2018

Mcafee

What is CVE-2018-6672?

Affected Version(s)

References

CVSS V3.1

Timeline