Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Epolicy_orchestrator | Mcafee | 4.6.0 | 4.6.0 |
Epolicy_orchestrator | Mcafee | 4.5.4 | 4.5.4 |
Epolicy_orchestrator | Mcafee | 4.5.7 | 4.5.7 |
Epolicy_orchestrator | Mcafee | 4.6.5 | 4.6.5 |
Epolicy_orchestrator | Mcafee | 5.0.0 | 5.0.0 |
Epolicy_orchestrator | Mcafee | 5.1.0 | 5.1.0 |
Epolicy_orchestrator | Mcafee | 5.1.1 | 5.1.1 |
Epolicy_orchestrator | Mcafee | 4.6.7 | 4.6.7 |
Epolicy_orchestrator | Mcafee | 4.5.0 | 4.5.0 |
Epolicy_orchestrator | Mcafee | 4.0 | 4.0 |
Epolicy_orchestrator | Mcafee | 4.5.5 | 4.5.5 |
Epolicy_orchestrator | Mcafee | 4.6.3 | 4.6.3 |
Epolicy_orchestrator | Mcafee | 5.0.1 | 5.0.1 |
Epolicy_orchestrator | Mcafee | 4.6.8 | 4.6.8 |
Epolicy_orchestrator | Mcafee | 4.6.2 | 4.6.2 |
Epolicy_orchestrator | Mcafee | 4.6.9 | 4.6.9 |
Epolicy_orchestrator | Mcafee | 4.6.4 | 4.6.4 |
Epolicy_orchestrator | Mcafee | 4.6.6 | 4.6.6 |
Epolicy_orchestrator | Mcafee | 5.1.2 | 5.1.2 |
Epolicy_orchestrator | Mcafee | 4.5.3 | 4.5.3 |
Epolicy_orchestrator | Mcafee | 4.5.6 | 4.5.6 |
Epolicy_orchestrator | Mcafee | 4.6.1 | 4.6.1 |