CVE-2015-2859
N/A
N/A
Summary
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.kb.cert.org/vuls/id/264092
- https://kc.mcafee.com/corporate/index?page=content&id=SB10120
- http://www.securityfocus.com/bid/75020
- http://www.securitytracker.com/id/1032571
- https://kc.mcafee.com/corporate/index?page=content&id=KB84628
References
- http://www.kb.cert.org/vuls/id/264092
- https://kc.mcafee.com/corporate/index?page=content&id=SB10120
- http://www.securityfocus.com/bid/75020
- http://www.securitytracker.com/id/1032571
- https://kc.mcafee.com/corporate/index?page=content&id=KB84628
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.