McAfee ePolicy Orchestrator man-in-the-middle attack Vulnerability (CVE-2015-2859)

McAfee ePolicy Orchestrator man-in-the-middle attack Vulnerability (CVE-2015-2859)
McAfee ePolicy Orchestrator man-in-the-middle attack Vulnerability (CVE-2015-2859)

Release date:
Updated on:

Affected Systems:

McAfee ePolicy Orchestrator < 5.1.2
McAfee ePolicy Orchestrator < 4.6.9
McAfee ePolicy Orchestrator

Description:

CVE (CAN) ID: CVE-2015-2859

McAfee ePolicy Orchestrator is an industry-leading system security management solution that helps enterprises effectively defend against various malicious threats and attacks.

McAfee ePolicy Orchestrator (ePO) supports integration with external registration servers, and can also be configured to use ssl/tls to encrypt communications with the registration server. After the CA, CN, and DN signatures listed in the verification certificate fail, these communication links may be vulnerable to man-in-the-middle attacks and spoofing attacks, attackers can exploit this vulnerability to obtain and manipulate HTTPS communication between the ePO application and the registration server.

<* Source: McAfee

Link: http://www.kb.cert.org/vuls/id/264092
*>

Suggestion:

Vendor patch:

McAfee
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://cwe.mitre.org/data/definitions/295.html
Https://kc.mcafee.com/corporate/index? Page = content & id = SB10120
Https://kc.mcafee.com/corporate/index? Page = content & id = KB84628
Https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/25000/PD25856/en_US/EPO_4_6_9_release_notes.pdf
Https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/25000/PD25902/en_US/ePO512ReleaseNotes.pdf

This article permanently updates the link address: