CVE-2022-0861: 
McAfee ePolicy Orchestrator vulnerability analysis and mitigation

A XML Extended entity vulnerability (CVE-2022-0861) was identified in McAfee Enterprise ePolicy Orchestrator (ePO) affecting versions prior to 5.10 Update 13. The vulnerability was discovered and recorded on March 4, 2022, and allows remote administrator attackers to exploit the extension import functionality through malicious XML file uploads (CVE Details, NVD Database).

The vulnerability is classified as CWE-611 (Improper Restriction of XML External Entity Reference). It received a CVSS v3.1 base score of 3.8 (Low) from NVD with vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N, indicating network accessibility, low attack complexity, high privileges required, and no user interaction needed. Trellix assigned a slightly lower CVSS score of 3.5 with vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N (NVD Database).

The vulnerability's impact is primarily limited to unauthorized access to confidential information and potential data alteration capabilities. The low CVSS score suggests relatively contained impact, particularly given the high privilege requirement for exploitation (NVD Database).

Users are advised to upgrade to McAfee Enterprise ePolicy Orchestrator (ePO) version 5.10 Update 13 or later to address this vulnerability (NVD Database).