CVE-2015-0922

McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
mcafeeepolicy_orchestrator
𝑥
≤ 4.6.8
mcafeeepolicy_orchestrator
5.0.0
mcafeeepolicy_orchestrator
5.0.1
mcafeeepolicy_orchestrator
5.1.0
mcafeeepolicy_orchestrator
5.1.1
𝑥
= Vulnerable software versions