CVE-2015-8765Epolicy Orchestrator vulnerability

3 documents3 sources
Severity
8.3HIGHNVD
EPSS
2.3%
top 15.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mcafee Epolicy Orchestrator
Timeline
PublishedJan 8
Latest updateMay 14

Description

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.7

Affected Packages1 packages

NVDmcafee/epolicy_orchestrator5.1.05.1.3+3

🔴Vulnerability Details

2
GHSA
GHSA-gqwx-4vhr-5r33: Intel McAfee ePolicy Orchestrator (ePO) 42022-05-14
CVEList
CVE-2015-8765: Intel McAfee ePolicy Orchestrator (ePO) 42016-01-08
CVE-2015-8765 — Mcafee vulnerability | cvebase