ePO is vulnerable to multiple CVEs reported in Oracle's April 2016 Java SE update. Collectively, these vulnerabilities affect confidentiality, integrity, and availability of the server.
AFFECTED SOFTWARE
- ePO 5.1.3 and earlier
- ePO 5.3.2 and earlier (NOTE: ePO 5.3.2 is expected in late Q2 2016)
REMEDIATED/PATCHED VERSIONS
The vulnerability is remediated in these versions:
- ePO 5.1.3 + Hotfix 1133331 (EPO5xHF1117371.zip)
- ePO 5.3.1 + Hotfix 1117371 (EPO5xHF1117371.zip)
McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see McAfee Knowledge Base article
SB10159.
No comments:
Post a Comment