Multiple vulnerabilities were identified in McAfee ePolicy Orchestrator
Multiple vulnerabilities were identified in McAfee ePolicy Orchestrator software. ePolicy Orchestrator update addresses two product vulnerabilities (CVE-2021-31834 and CVE-2021-31835) and updates third-party libraries (Java, OpenSSL, and Tomcat).
A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and cross-site scripting on the targeted system. Vulnerabilities affect McAfee ePolicy Orchestrator software verions prior to 5.10 CU 11.
Source: mcafee.com
26 October 2021