McAfee ePolicy Orchestrator Information Disclosure Vulnerability

info
discussion
exploit
solution
references

McAfee ePolicy Orchestrator Information Disclosure Vulnerability

It has been discovered that the McAfee ePolicy Ochestrator Agent fails to carry out any authentication. As a result, anonymous remote users may be capable of obtaining sensitive log data stored by the agent. The exploitation of this vulnerability could allow an attacker to obtain sensitive information that could aid in launching further attacks.