SB10240 - ePolicy Orchestrator (ePO) - Information disclosure vulnerablity
CVE-2018-6672

5.7MEDIUM

Key Information:

Vendor

Mcafee
Status
Epolicy Orchestrator (epo)
Vendor
CVE Published:
15 June 2018

What is CVE-2018-6672?

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 < 5.3.3 with hotfix EPO5xHF1229850

ePolicy Orchestrator (ePO) 5.9.0 through 5.9.1 < 5.9.1 with hotfix EPO5xHF1229850

References

http://www.securityfocus.com/bid/104485
vdb-entryx_refsource_BID
https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041155
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.