5.8
CVE-2015-2859
- EPSS 0.2%
- Veröffentlicht 23.06.2015 21:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cret@cert.org
- Teams Watchlist Login
- Unerledigt Login
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mcafee ≫ Epolicy Orchestrator Version4.0
Mcafee ≫ Epolicy Orchestrator Version4.5.0
Mcafee ≫ Epolicy Orchestrator Version4.5.3
Mcafee ≫ Epolicy Orchestrator Version4.5.4
Mcafee ≫ Epolicy Orchestrator Version4.5.5
Mcafee ≫ Epolicy Orchestrator Version4.5.6
Mcafee ≫ Epolicy Orchestrator Version4.5.7
Mcafee ≫ Epolicy Orchestrator Version4.6.0
Mcafee ≫ Epolicy Orchestrator Version4.6.1
Mcafee ≫ Epolicy Orchestrator Version4.6.2
Mcafee ≫ Epolicy Orchestrator Version4.6.3
Mcafee ≫ Epolicy Orchestrator Version4.6.4
Mcafee ≫ Epolicy Orchestrator Version4.6.5
Mcafee ≫ Epolicy Orchestrator Version4.6.6
Mcafee ≫ Epolicy Orchestrator Version4.6.7
Mcafee ≫ Epolicy Orchestrator Version4.6.8
Mcafee ≫ Epolicy Orchestrator Version4.6.9
Mcafee ≫ Epolicy Orchestrator Version5.0.0
Mcafee ≫ Epolicy Orchestrator Version5.0.1
Mcafee ≫ Epolicy Orchestrator Version5.1.0
Mcafee ≫ Epolicy Orchestrator Version5.1.1
Mcafee ≫ Epolicy Orchestrator Version5.1.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.417 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|