Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple VMware Carbon Black App Control Vulnerability
March 24, 2022
Rewterz
Rewterz Threat Advisory – CVE-2022-25766 – Node.js ungit module Vulnerability
March 24, 2022

Rewterz Threat Advisory – Multiple McAfee ePolicy Orchestrator Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-0842

McAfee ePolicy Orchestrator is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2022-0857

McAfee ePolicy Orchestrator is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-0858

McAfee ePolicy Orchestrator is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the User Interface. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-0861

McAfee ePolicy Orchestrator could allow a remote authenticated attacker to obtain sensitive information, caused by an XML Extended entity in the extension import functionality. By using a specially-crafted XML file, a remote attacker could exploit this vulnerability to obtain sensitive information and the ability to alter data.

CVE-2022-0862

McAfee ePolicy Orchestrator could allow a remote authenticated attacker to bypass security restrictions, caused by lack of password change protection vulnerability in a depreciated API. An attacker could exploit this vulnerability to change the password of a compromised session without knowing the user’s password.

Impact

  • SQL Injection
  • Data Manipulation
  • Cross-Site Scripting
  • Information Disclosure
  • Security Bypass

Indicator Of Compromise

CVE

  • CVE-2022-0857
  • CVE-2022-0858
  • CVE-2022-0859
  • CVE-2022-0861

Affected Vendors

McAfee

Affected Products

  • McAfee ePolicy Orchestrator 2.5.1
  • McAfee ePolicy Orchestrator 2.0
  • McAfee ePolicy Orchestrator 2.5
  • McAfee ePolicy Orchestrator 3.0

Remediation

Refer to McAfee Security Bulletin for the patch, upgrade, or suggested workaround information.

McAfee Security Bulletin