Skip to main content

McAfee ePolicy Orchestrator Multiple Vulnerabilities

Release Date: 25 Oct 2021 4236 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in McAfee EPolicy Orchestrator, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and cross-site scripting on the targeted system.



  • Proof Of Concept Exploit Code Is Publicly Available for CVE-2021-23840


  • Cross-Site Scripting
  • Information Disclosure
  • Denial of Service
  • Data Manipulation

System / Technologies affected

  • Version ePO 5.10 prior to CU 11


Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor:
    Update to version ePO 5.10 CU 11

Vulnerability Identifier


Related Link