CVE-2022-0859
ePO database restoration vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server (restricted to administrators) and to know the SQL server password.
McAfee Enterprise ePolicy Orchestrator (ePO) versiones anteriores a la Actualización 5.10 13, permite a un atacante local apuntar un servidor ePO a un servidor SQL arbitrario durante la restauración del servidor ePO. Para conseguirlo, el atacante tendría que haber iniciado sesión en el servidor que aloja el servidor de ePO (restringido a administradores) y conocer la contraseña del servidor SQL
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-03-04 CVE Reserved
- 2022-03-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10379 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | < 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version " < 5.10.0" | - |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | - |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_1 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_10 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_11 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_12 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_2 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_3 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_4 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_5 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_6 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_7 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_8 |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_9 |
Affected
|