Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0177 ePolicy Orchestrator update fixes a TLS issue between ePolicy Orchestrator Agent Handler and SQL Server (CVE-2019-3619) (SB10286) 5 July 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: McAfee ePolicy Orchestrator Operating System: Windows Virtualisation Impact/Access: Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2019-3619 Member content until: Sunday, August 4 2019 OVERVIEW McAfee has released updates for ePolicy Orchestrator that fixes a TLS issue between ePolicy Orchestrator Agent Handler and SQL Server (CVE-2019-3619) (SB10286) [1] IMPACT McAfee has provided the following information regarding the vulnerability and impact: "Vulnerability Description ePO offers the ability to configure the communication between the McAfee Agent Handler and the SQL Server to be plain text or encrypted over TLS. The Agent Handler was only honoring some of the TLS options, and was incorrectly reverting to plain text communication for the others. CVE-2019-3619: Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 Update 4 allows a remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL Server." [1] MITIGATION "McAfee strongly recommends that you install the latest update for your version of ePO. o Users of ePO 5.10.0 - Update to 5.10.0 Update 4. o Users of ePO 5.9.1 - Upgrade to ePO 5.10.0 Update 4, or apply the workaround and install the 5.9.1 hotfix once released. o Users of ePO 5.9.0 - Upgrade to ePO 5.10.0 Update 4, or apply the workaround and then upgrade to 5.9.1 and install the 5.9.1 hotfix once released." [1] REFERENCES [1] ePolicy Orchestrator update fixes a TLS issue between ePolicy Orchestrator Agent Handler and SQL Server (CVE-2019-3619) (SB10286) https://kc.mcafee.com/corporate/index?page=content&id=SB10286 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXR6Y+WaOgq3Tt24GAQgOIw/8Cx7bEa4Edv/p5PEXfY0GAPMZ47Yvo6N0 JrKfNbqEB1cQU3z4pnUOnm09897VukB4F+yvvFrZKvO5/9JjSswP0l0RoTK5tNFy SAt08nBqiOIF0EFaOhcIe0tDYpTfY480FGdbgkha5qaqjRtVOVy8yCjx7mzHV486 mdb9XbavJ9B+17APjr9iEUuiYkaSzCEDDiXZ2ePgctshaOpF06SlfygL1Hj7MuKF 6/rGwbHvqLorFKTg9rZbVjph2zvpEmuu7rUxGDg3ViHVFLAzYCgojrA4HVFYk7ay LaZvHiTwnXesZ/u2Pqc1UB9x6epvRjjupEXt0yjFIXpiUfUk+jQyMSo2MNjNzobk HjsTauIOPKfxQIhvYo9FKvkbqzOXViY1BuRmz67z3WoNWNDpVXKsz4zTpELYkwof 9D9RFa6XcdoJ4KVmCwKyRtMpc91GqDgs87ebQjbKUN/MT+6cZdh7IS/u6FnYXlKR bV6OfPREOxz+65o5xJ0ZQ6sWvO1VN12qVKvYhymmmAqNjegtho4dq4ZQgl+W6+kN Y+STFBWMlHlNKsYU6U/5wBQRD9R3BrI9X7QbEkH0u9a8hC5W+G0DgwWaA0251TA3 bZuFPcKu9ffJ6axAdgpaVi/72cPACNpM2ZbVhd8dTmT7ftMy5yWErENXxRpQ55tv 1R4wBxDY8VY= =xYQy -----END PGP SIGNATURE-----