McAfee ePolicy Orchestrator Multiple Vulnerabilities
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in McAfee EPolicy Orchestrator, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and cross-site scripting on the targeted system.
- Proof Of Concept Exploit Code Is Publicly Available for CVE-2021-23840
- Cross-Site Scripting
- Information Disclosure
- Denial of Service
- Data Manipulation
System / Technologies affected
- Version ePO 5.10 prior to CU 11
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
Update to version ePO 5.10 CU 11