FramePkg
  • Home
  • About
  • Procedures
    • ePO Upgrade
    • ePO Architecture
    • BackUp ePO
    • How To Uninstall McAfee Client Manually
    • McAfee Drive Encryption
    • TIE Guide - A to Z Steps
  • ePO
  • VSE
  • DLP
  • HIPS
  • Solutions
  • Tips
  • Videos
  • Online Updates

be
​updated!

SB10197 Resolves ePO Vulnerability

13/5/2017

0 Comments

 
A vulnerability in ePolicy Orchestrator (ePO) has been discovered and resolved. 
AFFECTED SOFTWARE
  • ePO 5.1.3 and earlier
  • ePO 5.3.2 and earlier
  • ePO 5.9.0 and earlier 
REMEDIATED/PATCHED VERSIONS
See SB10197 for remediation instructions.   
IMPACT
CVE-2016-2183 (CVSS: 5.3 / 4.8; Severity: Medium) The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, also known as a "Sweet32" attack.
RECOMMENDATION
McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10197, McAfee Security Bulletin - ePolicy Orchestrator is vulnerable to Sweet32 vulnerability (CVE-2016-2183) (https://kc.mcafee.com/corporate/index?page=content&id=SB10197)
0 Comments



Leave a Reply.

    Picture
    Action Coin

    Archives

    December 2017
    September 2017
    August 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016

    Categories

    All

    Ebates Coupons and Cash Back