can anyone confirm if accessing this file on ePO (4.6.4 here) Is a good way to see easily what version of openSSL you have?
C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\OPENSSL-README.txt
ePo 4.6.4 shows the OpenSSL readme and talking about version 1.0.0.d which is not vulnerable, which also matches what i see from various scanning tools that have appeared.
As always if in doubt shut down your agent handler in the DMZ for time being.... Thats what we did the last time there was an issue like this that could be remotely expolited.
Solved! Go to Solution.
Hey everyone, I'll try to simplify the steps for you all:
On your ePO server, open a command prompt. Go to program files (x86)\mcafee\epolicy orchestrator\apache2\bin
type OpenSSL Version
This will give you the version op OpenSLL running on Apache. I believe ePO 4.6.4 uses 1.0.1d. That version is vulnerable.
ePO4.6.6 (build 176) uses 1.0.1e. wich is impacted. ->
on the exposure side it would be limited to internal traffic since ePO hosting servers should only be internal. Not saying there is not impact just severity ought to be lower than for those apps are Internet facing.
Our ePO is only accessible internally, but our agent handler is accessible externally. It's also running 1.0.1e so we've had to close that off from external access until a patch is released.