2 matches found
CVE-2022-0862 ePO password change vulnerability
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a remote attacker to change the password of a compromised session without knowing the existing user's password. This functionality was removed from...
CVE-2022-0862
CVE-2022-0862 describes a password-change protection weakness in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13, via a depreciated API. A remote attacker could change the password of a compromised session without knowing the current password. The UI removed this functionality ...