Lucene search

K
nvd[email protected]NVD:CVE-2015-0922
HistoryJan 09, 2015 - 6:59 p.m.

CVE-2015-0922

2015-01-0918:59:11
CWE-200
web.nvd.nist.gov
2

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.011

Percentile

84.7%

McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers’ installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.

Affected configurations

Nvd
Node
mcafeeepolicy_orchestratorRange4.6.8
OR
mcafeeepolicy_orchestratorMatch5.0.0
OR
mcafeeepolicy_orchestratorMatch5.0.1
OR
mcafeeepolicy_orchestratorMatch5.1.0
OR
mcafeeepolicy_orchestratorMatch5.1.1
VendorProductVersionCPE
mcafeeepolicy_orchestrator*cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*
mcafeeepolicy_orchestrator5.0.0cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.0:*:*:*:*:*:*:*
mcafeeepolicy_orchestrator5.0.1cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.1:*:*:*:*:*:*:*
mcafeeepolicy_orchestrator5.1.0cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*
mcafeeepolicy_orchestrator5.1.1cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.1:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.011

Percentile

84.7%