Hi,
I received a notification this morning regarding eight new OpenSSL vulnerabilities. My question is, how do I:
Check what OpenSSL version is installed.
Will McAfee launch an update for this vulnerability?
I'm a little in the dark regarding this matter, so any help is appreciated.
Thanks in advance.
Hi,
You can check which version of OpenSSL your ePO server is using by checking the Product Version property on the ssleay32.dll file (under the Details tab), which can be found in the <ePO Install folder>\Apache2\bin folder.
The latest update for ePO 5.0.1 was HF1014944, released Nov 4 2014, which can be downloaded from the Products Download page once you have entered your grant number.
ePolicy Orchestrator Hotfix 1014944 updates OpenSSL to address CVE-2014-3513 and CVE-2014-3567.
I'll try and find out when McAfee intend to release another update to update OpenSSL to version 1.0.1k to address CVE-2014-3571, although ePO 5.1.2 is due soon and may be included in this release.
Regards
Rich
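Added example (not part of the original posts and not McAfee code): a PowerShell version of the check described above, reading the Product Version of the OpenSSL DLLs under `Apache2\bin` and comparing it with the 1.0.1k release mentioned in the thread. The function names are hypothetical, the install folder must be supplied by you, and the presence of `libeay32.dll` next to `ssleay32.dll` is an assumption.

```powershell
# Added example. Function names are hypothetical; pass your own ePO install folder.
function ConvertTo-OpenSslVersionKey {
    param([string]$Version)
    # OpenSSL 1.0.x versions look like "1.0.1j": three numbers plus an optional patch letter.
    $v = "$Version".Trim().ToLower()
    if ($v -match '^(\d+)\.(\d+)\.(\d+)([a-z]?)') {
        $letter = 0
        if ($Matches[4]) { $letter = ([int][char]$Matches[4]) - ([int][char]'a') + 1 }
        # Zero-padded key so an ordinal string comparison orders versions correctly.
        return ('{0:D3}.{1:D3}.{2:D3}.{3:D2}' -f [int]$Matches[1], [int]$Matches[2], [int]$Matches[3], $letter)
    }
    throw "Unrecognized OpenSSL version string: '$Version'"
}

function Test-EpoOpenSslVersion {
    param(
        # The "<ePO Install folder>" from the post above.
        [Parameter(Mandatory = $true)][string]$EpoInstallFolder,
        # Release named in the thread as addressing CVE-2014-3571.
        [string]$MinimumVersion = '1.0.1k'
    )
    $minKey = ConvertTo-OpenSslVersionKey $MinimumVersion
    $bin = Join-Path $EpoInstallFolder 'Apache2\bin'
    # libeay32.dll is assumed to sit beside ssleay32.dll; it is skipped if absent.
    foreach ($name in 'ssleay32.dll', 'libeay32.dll') {
        $path = Join-Path $bin $name
        if (-not (Test-Path -LiteralPath $path)) {
            Write-Warning "$path not found"
            continue
        }
        # Same value Explorer shows as "Product version" on the Details tab.
        $product = (Get-Item -LiteralPath $path).VersionInfo.ProductVersion
        $key = ConvertTo-OpenSslVersionKey $product
        [pscustomobject]@{
            File           = $name
            ProductVersion = $product
            AtLeastMinimum = ([string]::CompareOrdinal($key, $minKey) -ge 0)
        }
    }
}

# Usage: Test-EpoOpenSslVersion -EpoInstallFolder '<ePO Install folder>'
```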
Thank you, I'll be waiting for feedback regarding this latest CVE. I hope McAfee will eventually address it.
I'm aware of previous SSL vulnerabilities and they have been patched here. I posted about this last CVE because I received the alert through us-cert.gov and not through McAfee.
Thanks
Hello, is there any update regarding this CVE? I did another search today but there's still no word or official documentation regarding this vulnerability.
I wonder if it is okay to download the updated version of OpenSSL and replace the file(s), backing up the previous versions? It's a production server, so I mean to avoid any unnecessary risks and do things the official way.
Thanks
Not the answer you are looking for right now but ePO 5.0.1 is now End-Of-Life as of 31/12/2014 and McAfee have confirmed you will need to upgrade to ePO 5.1.1.
I have pointed out that the exposure is still present in version 5.1.1 and I am trying to get an answer regarding ePO 5.1.1.
Regards
Rich
I have raised a support ticket with McAfee which has now been escalated to Engineering for investigation.
Rich
Hi all.
McAfee have requested Vulnerability Scanner results to help diagnose, but OpenVAS has not identified our ePO 5.1.1 server to be exposed to CVE-2014-3571.
Are you able to run a scanner against your ePO server to test?
Regards
Rich
Volunteer Moderator
Hi,
I have heard back from McAfee support today; they have escalated to Tier III to get some confirmation regarding exposure.
Regards
Rich
Volunteer Moderator
Certified McAfee Product Specialist - ePO
I have had a response from McAfee containing a published document dated Jan 29th 2015 (McAfee Sustaining Statement SSC1501291)
"CVE-2015-0206 and CVE-2014-3571 do not apply because ePO does not use DTLS functionality. The only item that may be relevant to ePO is: CVE-2014-3569." and McAfee propose a patch to ePO 4.6.9 and 5.1.2 Q1 2015 to cover CVE-2014-3569.
I can give you a more technical response if required.
So to cover your initial query, ePO is not exposed to CVE-2014-3571.
Regards
Rich
Volunteer Moderator
Certified McAfee Product Specialist-ePO
Thank you fellas, thanks everyone who helped. This issue can be closed now. Thanks to you all!
MD