Please open a ticket with McAfee for any vulnerability questions like that; they almost always have to go to development.
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Did anyone open a McAfee ticket and get a response to this issue? We are encountering the same thing. Client was going to accept a variance based on KB82163 but now wants to find a solution. Can these certs be loaded to the Nessus scanner to keep them from flagging during scans?
I don't know if you can upload them to Nessus or not; we are not familiar with its functionality. The KB given is development's official statement regarding those flags. The only certificate that can be changed in ePO is the browser cert, which is not involved with ports 8444 or 443. KB72477 tells how to create a custom browser cert that includes the subjectAlt field, but it is not yet available with the default Orion CA cert. Regarding their statement:
The ePO engineering team has researched the findings and concluded that ePO is not vulnerable to the reported findings. Research found that because ports 8444 and 443 are not meant for browsing using a browser.
They are accessed from the McAfee Agent, Agent Handler, or other ePO internal service. The certificate trust is built on OrionCA which is generated per ePO install.
Regarding all warnings, the exception noted for QID 38173 applies:
The ePO server and Agent Handler components communicate only with a restricted set of clients who have the trusted certificate chain. The CA certificate is not available publicly and can't be verified remotely.
In addition, to prevent future concern on the part of Qualys customers, McAfee has filed an enhancement request to address QID 38170. The request is to set the subjectAltName value as advised by the QID.