漏洞标题
McAfee ePO 信息泄露漏洞
漏洞描述信息
McAfee ePO 信息泄露漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
McAfee ePO Information Leak vulnerability
漏洞描述信息
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have it managed and then in turn get policy details from the ePO server. This can only happen when the ePO Agent Handler is installed in a Demilitarized Zone (DMZ) to service machines not connected to the network through a VPN.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
漏洞类别
信息暴露
漏洞标题
McAfee ePolicy Orchistrator 信息泄露漏洞
漏洞描述信息
Mcafee McAfee ePolicy Orchistrator(ePO)是美国迈克菲(Mcafee)公司的一套可扩展的安全管理软件。该软件可对终端、网络、内容安全和合规解决方案实现集中的简化管理。 McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 存在信息泄露漏洞,该漏洞允许未经过身份验证的用户下载迈克菲产品包。
CVSS信息
N/A
漏洞类别
信息泄露