CVE-2022-0859: ePO database restoration vulnerability
First published: Wed Mar 23 2022(Updated: )
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server (restricted to administrators) and to know the SQL server password.
Credit: psirt@mcafee.com trellixpsirt@trellix.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee ePolicy Orchestrator | <5.10.0 | |
| McAfee ePolicy Orchestrator | =5.10.0 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_1 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_10 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_11 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_12 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_2 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_3 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_4 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_5 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_6 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_7 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_8 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-0859?
CVE-2022-0859 is a vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) that allows a local attacker to point the ePO server to an arbitrary SQL server during restoration.
What is the severity of CVE-2022-0859?
The severity of CVE-2022-0859 is medium with a CVSS score of 6.4.
How does CVE-2022-0859 affect McAfee ePolicy Orchestrator?
CVE-2022-0859 affects McAfee ePolicy Orchestrator versions prior to 5.10 Update 13.
How can a local attacker exploit CVE-2022-0859?
A local attacker can exploit CVE-2022-0859 by logging onto the server hosting the ePO server and pointing it to an arbitrary SQL server during restoration.
Is there a fix available for CVE-2022-0859?
Yes, a fix for CVE-2022-0859 is available in McAfee ePolicy Orchestrator 5.10 Update 13.
- collector/nvd-index
- collector/nvd-api
- agent/author
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee epolicy orchestrator
- version/mcafee epolicy orchestrator/5.10.0
- version/mcafee epolicy orchestrator/5.10.0-update_1
- version/mcafee epolicy orchestrator/5.10.0-update_10
- version/mcafee epolicy orchestrator/5.10.0-update_11
- version/mcafee epolicy orchestrator/5.10.0-update_12
- version/mcafee epolicy orchestrator/5.10.0-update_2
- version/mcafee epolicy orchestrator/5.10.0-update_3
- version/mcafee epolicy orchestrator/5.10.0-update_4
- version/mcafee epolicy orchestrator/5.10.0-update_5
- version/mcafee epolicy orchestrator/5.10.0-update_6
- version/mcafee epolicy orchestrator/5.10.0-update_7
- version/mcafee epolicy orchestrator/5.10.0-update_8
- version/mcafee epolicy orchestrator/5.10.0-update_9