CVE-2023-5444: 
McAfee ePolicy Orchestrator vulnerability analysis and mitigation

A Cross Site Request Forgery (CSRF) vulnerability was discovered in ePolicy Orchestrator (ePO) versions prior to 5.10.0 CP1 Update 2. The vulnerability was assigned CVE-2023-5444 and was disclosed on November 17, 2023. This security flaw affects the dashboard area of the ePO server's user interface (NVD, CVE).

The vulnerability allows a remote low-privilege user to successfully add a new user with administrator privileges to the ePO server. The exploitation requires the attacker to modify the HTTP payload post submission before it reaches the ePO server. The vulnerability has been assigned a CVSS v3.1 base score of 8.0 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. The weakness is categorized as CWE-352 (Cross-Site Request Forgery) (NVD).

If successfully exploited, this vulnerability allows attackers to escalate their privileges by adding new users with administrator access to the ePO server. This could lead to complete compromise of the ePO server management interface and potentially affect the entire managed security infrastructure (NVD).

Users are advised to upgrade their ePolicy Orchestrator installations to version 5.10.0 CP1 Update 2 or later to address this vulnerability (NVD).