McAfee ePolicy Orchestrator Information Disclosure Vulnerability

Summary

Information Disclosure vulnerability in Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows a remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between Agent Handler and the SQL server.

Credit:

The information has been provided by Vendor

The original article can be found at:

https://kc.mcafee.com/corporate/index?page=content&id=SB10286


Details

ePO offers the ability to configure the communication between the McAfee Agent Handler and the SQL Server to be plain text or encrypted over TLS. The Agent Handler was only honoring some of the TLS options, and was incorrectly reverting to plain text communication for the others.
 
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 before 5.10.0 Update 4 allows a remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL Server.

Vulnerable Systems:

McAfee ePolicy Orchestrator 5.10
McAfee ePolicy Orchestrator 5.9.1
McAfee ePolicy Orchestrator 5.9

CVE Information:
CVE-2019-3619

Disclosure Timeline:
07/01/2019