CVE-2015-8987 — MEDIUM (5.3)

Q: How severe is CVE-2015-8987?

CVE-2015-8987 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-8987?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Agent.

Vulnerability Description

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Mcafee	Agent	<= 4.8.0

Related Weaknesses (CWE)

CWE-284

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10101MitigationPatchVendor Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10101MitigationPatchVendor Advisory

FAQ

What is CVE-2015-8987?

CVE-2015-8987 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possib...

How severe is CVE-2015-8987?

CVE-2015-8987 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8987?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Agent.