ID de Prueba:	1.3.6.1.4.1.25623.1.0.805595
Categoría:	Web application abuses
Título:	McAfee ePolicy Orchestrator Man-in-the-Middle Attack Vulnerability (Jun 2015)
Resumen:	McAfee ePolicy Orchestrator is prone to a man-in-the-middle (MITM) vulnerability.
Descripción:	Summary: McAfee ePolicy Orchestrator is prone to a man-in-the-middle (MITM) vulnerability. Vulnerability Insight: The flaw exists as the application fails to properly validate SSL/TLS certificates Vulnerability Impact: Successful exploitation will allow remote attacker to intercept and manipulate HTTPS traffic between the ePO application and registered servers. Affected Software/OS: McAfee ePolicy Orchestrator version 4.x through 4.6.9 and 5.x through 5.1.2 Solution: Upgrade to McAfee ePolicy Orchestrator version 4.6.9 or 5.1.2 or later, and then apply the manual settings listed the referenced KB article of the vendor. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2859 BugTraq ID: 75020 http://www.securityfocus.com/bid/75020 CERT/CC vulnerability note: VU#264092 http://www.kb.cert.org/vuls/id/264092 http://www.securitytracker.com/id/1032571
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.