CVE-2015-0921 : XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy

XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.

Published 2015-01-09 18:59:11

Updated 2017-09-08 01:29:47

Source MITRE

View at NVD, CVE.org

Vulnerability category: XML external entity (XXE) injection

Products affected by CVE-2015-0921

Mcafee » Epolicy Orchestrator
Versions up to, including, (<=) 4.6.8
cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*
Matching versions
Mcafee » Epolicy Orchestrator » Version: 5.0.0
cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.0:*:*:*:*:*:*:*
Matching versions
Mcafee » Epolicy Orchestrator » Version: 5.0.1
cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.1:*:*:*:*:*:*:*
Matching versions
Mcafee » Epolicy Orchestrator » Version: 5.1.0
cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*
Matching versions
Mcafee » Epolicy Orchestrator » Version: 5.1.1
cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-0921

EPSS FAQ

0.97%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2015-0921

McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure

Disclosure Date: 2015-01-06

First seen: 2020-04-26

auxiliary/gather/mcafee_epo_xxe

This module will exploit an authenticated XXE vulnerability to read the keystore.properties off of the filesystem. This properties file contains an encrypted password that is set during installation. What is interesting about this password is that it is set as the same password

More information

CVSS scores for CVE-2015-0921

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N	8.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2015-0921

http://seclists.org/fulldisclosure/2015/Jan/37

Full Disclosure: Re: McAfee ePolicy Orchestrator Authenticated XXE and Credential Exposure
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1031519

McAfee ePolicy Orchestrator XML External Entity Flaw and Static Encryption Key Let Remote Authenticated Users Obtain Passwords - SecurityTracker

CVEs referencing this url
https://gist.github.com/brandonprry/692e553975bf29aeaf2c

gist:692e553975bf29aeaf2c · GitHub

CVEs referencing this url
http://packetstormsecurity.com/files/129827/McAfee-ePolicy-Orchestrator-Authenticated-XXE-Credential-Exposure.html

McAfee ePolicy Orchestrator Authenticated XXE Credential Exposure ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry

CVEs referencing this url
http://seclists.org/fulldisclosure/2015/Jan/8

Full Disclosure: McAfee ePolicy Orchestrator Authenticated XXE and Credential Exposure
Mailing List;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/61922

Sign in
https://kc.mcafee.com/corporate/index?page=content&id=SB10095

Patch;Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/99950

McAfee ePolicy Orchestrator condition XML information disclosure CVE-2015-0921 Vulnerability Report

Jump to

Vulnerability Details : CVE-2015-0921

Products affected by CVE-2015-0921

Exploit prediction scoring system (EPSS) score for CVE-2015-0921

Metasploit modules for CVE-2015-0921

McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure

CVSS scores for CVE-2015-0921

References for CVE-2015-0921