2 matches found
CVE-2015-2859
Intel McAfee ePolicy Orchestrator ePO 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifica...
CVE-2015-2859
McAfee ePolicy Orchestrator (ePO) is affected by CVE-2015-2859 due to improper validation of SSL/TLS server certificates (CN/SAN/CA). A MITM attacker can spoof servers and access sensitive data. Affected versions are 4.x up to 4.6.9 and 5.x up to 5.1.2. Remediation: upgrade to the fixed releases ...