The ePO engineering team has researched the findings and concluded that ePO is not vulnerable to the reported findings because ports 8444 and 443 are not meant for browsing using a browser. They are accessed from the McAfee Agent (MA), or Agent Handler (AH) or other ePO internal service, and the certificate trust is built on OrionCA which is generated per ePO install.
Regarding the warnings, the exception noted for QID 38173 applies:
The ePO server and Agent Handler components communicate only with a restricted set of clients who have the trusted certificate chain. The CA certificate is not available publicly and cannot be verified remotely.