CVE-2015-0922

NONECVSS 0.0

0.0

McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.

🔗 References (16)

cve@mitrehttp://packetstormsecurity.com/files/129827/McAfee-ePolicy-Orchestrator-Authenticated-XXE-Credential-Exposure.html
cve@mitrehttp://seclists.org/fulldisclosure/2015/Jan/37
cve@mitrehttp://seclists.org/fulldisclosure/2015/Jan/8
cve@mitrehttp://www.securityfocus.com/bid/72298
cve@mitrehttp://www.securitytracker.com/id/1031519
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/99949
cve@mitrehttps://gist.github.com/brandonprry/692e553975bf29aeaf2c
cve@mitrehttps://kc.mcafee.com/corporate/index?page=content&id=SB10095
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/129827/McAfee-ePolicy-Orchestrator-Authenticated-XXE-Credential-Exposure.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Jan/37
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Jan/8
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72298
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031519
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/99949
af854a3a-2127-422b-91ae-364da2661108https://gist.github.com/brandonprry/692e553975bf29aeaf2c

Is Your Infrastructure Affected by CVE-2015-0922?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-0922

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-0922?