CVE-2021-23890

moderate-risk
Published 2021-03-26

Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have it managed and then in turn get policy details from the ePO server. This can only happen when the ePO Agent Handler is installed in a Demilitarized Zone (DMZ) to service machines not connected to the network through a VPN.

Do I need to act?

-
0.72% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
NETWORK / LOW complexity

Affected Products (11)

Affected Vendors

Mcafee

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10352
https://kc.mcafee.com/corporate/index?page=content&id=SB10352
42
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 2/34 · Minimal
Exposure 16/34 · Moderate