Hi All,
can anyone confirm if accessing this file on ePO (4.6.4 here) Is a good way to see easily what version of openSSL you have?
C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\OPENSSL-README.txt
ePo 4.6.4 shows the OpenSSL readme and talking about version 1.0.0.d which is not vulnerable, which also matches what i see from various scanning tools that have appeared.
As always if in doubt shut down your agent handler in the DMZ for time being.... Thats what we did the last time there was an issue like this that could be remotely expolited.
thanks,
Pierce
Solved! Go to Solution.
Hey everyone, I'll try to simplify the steps for you all:
On your ePO server, open a command prompt. Go to program files (x86)\mcafee\epolicy orchestrator\apache2\bin
type OpenSSL Version
This will give you the version op OpenSLL running on Apache. I believe ePO 4.6.4 uses 1.0.1d. That version is vulnerable.
Just did that and get 1.0.0d which is the same as the readme file I found.
Looks like ePo 4.6.4 is safe
Good to know! ePO 4.6.4 shows version 1.0.1e so that version is vulnerable.
how do we have same version of ePO with different versions of openSSL...? No wonder by ePO wont upgrade...
Sorry.. I meant ePO 4.6.6!
We're currently running 4.6.7 (Build 278) and have OpenSSL 1.0.1e.
Pretty disappointed in lack of information from McAfee so far.
ePO4.6.6 (build 176) uses 1.0.1e. wich is impacted. ->
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
on the exposure side it would be limited to internal traffic since ePO hosting servers should only be internal. Not saying there is not impact just severity ought to be lower than for those apps are Internet facing.
Our ePO is only accessible internally, but our agent handler is accessible externally. It's also running 1.0.1e so we've had to close that off from external access until a patch is released.
Yea, we are in the same boat as Richasto. We have the ePO agent handler in the dmz. It's public facing and showing up as vulnerable. What do we do ?
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA