I have been told that there is a vulnerability in McAfee agent.
There is a setting that I can check to see whether we are vulnerable, but I cannot find whether this is enabled or not.
Viewing of remote logs in enabled, but I do not know where to look to see if all users can view them or if it actually is restricted to admins.
Can somebody point me in the right direction?
Check your agent version - Affected Software: McAfee Agent 5.0.x versions prior to 184.108.40.2069 - If your agent version is 220.127.116.119 or higher then the vulnerability has been remediated.
As for "Viewing of remote logs in enabled, but I do not know where to look to see if all users can view them or if it actually is restricted to admins." I have yet to discover that feature. Yet, under the McAfee Agent Policy/General tab - Enable remote access to log AND Accept connections only from ePO server. That would mean, the only way ANYONE would be able to access the remote logs is by logging on to the ePO server/opening a web browser on the ePO server and navigating to the remote log.
Restricting the viewing of logs applies to the web interface of the client. If it's restricted to the ePO server, than you can only browse to http://:8081 from the ePO server. If it's not restricted, then you should be able to browse to http::8081 from any system on your network.