CVE-2022-0859
Published 2022-03-23
Priority P433 · medium · 6.7 (CVSS 3.1)
AV:L / AC:L / PR:H / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.20% (10.2th percentile)
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server (restricted to administrators) and to know the SQL server password.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mcafee | epolicy_orchestrator | < 5.10.0 | 5.10.0 |
| mcafee | epolicy_orchestrator | — | — |
| mcafee_llc | mcafee_epolicy_orchestrator | >= unspecified < 5.10 CU 13 | 5.10 CU 13 |
CVSS provenance
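| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 4.4 | MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
| cisa | | 7.8 | HIGH | |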
GHSA
GHSA-9533-g28x-xwf2: McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5
ghsa_unreviewed · 2022-03-24
CVE-2022-0859 [MEDIUM] CWE-522 GHSA-9533-g28x-xwf2: McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5
CISA
Microsoft Win32k Privilege Escalation Vulnerability
cisa · 2021-11-03 · CVSS 7.8
CVE-2019-0859 [HIGH] Microsoft Win32k Privilege Escalation Vulnerability
Vulnerability: Microsoft Win32k Privilege Escalation Vulnerability
Affected: Microsoft Win32k
Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-0859
Remediation Due Date: 2022-05-03
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2022-03-23