Information disclosure

2019-07-0314:15:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.1%

JSON

Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server.

CPENameOperatorVersion
epolicy_orchestratoreq5.9.0
epolicy_orchestratoreq5.9.1
epolicy_orchestratoreq5.10.0 update-1
epolicy_orchestratoreq5.10.0 update-2
epolicy_orchestratoreq5.10.0 update-3
epolicy_orchestratoreq5.10.0

Name	Operator	Version
epolicy_orchestrator	eq	5.9.0
epolicy_orchestrator	eq	5.9.1
epolicy_orchestrator	eq	5.10.0 update-1
epolicy_orchestrator	eq	5.10.0 update-2
epolicy_orchestrator	eq	5.10.0 update-3
epolicy_orchestrator	eq	5.10.0