McAfee ePolicy Orchestrator is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information by sniffing the traffic through a man-in-the-middle attack. Successful exploits will lead to other attacks.
McAfee ePolicy Orchestrator 5.9.0, 5.9.1 and 5.10.0 are vulnerable.
Information
McAfee ePolicy Orchestrator 5.9.1
McAfee ePolicy Orchestrator 5.9
McAfee ePolicy Orchestrator 5.9.1 Hotfix 1267793
Exploit
References: