CVE-2015-8765 Information

Description

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier 5.0.x 5.1.x before 5.1.3 Hotfix 1106041 and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object related to the Apache Commons Collections (ACC) library.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Reference

https://kc.mcafee.com/corporate/index?page=content&id=SB10144 https://www.kb.cert.org/vuls/id/576313

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

8.3