ePolicy Orchestrator Sustaining Statement (SS821066) - ePO and Blockwise Chosen-Boundary Attack
Last Modified: 2023-07-13 06:56:03 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
ePolicy Orchestrator Sustaining Statement (SS821066) - ePO and Blockwise Chosen-Boundary Attack
Technical Articles ID:
KB85248
Last Modified: 2023-07-13 06:56:03 Etc/GMT EnvironmentePolicy Orchestrator (ePO) 5.x
SummaryThis document describes the support position of Sustaining Engineering relative to a Trellix application.
Overview This document addresses concerns about ePO and the Blockwise Chosen-Boundary Attack (BCBA) vulnerability, which allows man-in-the-middle attacks through plaintext HTTP headers. CVE-2011-3389 Description The Secure Socket Layer protocol as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other browsers, encrypts data by using Cipher-Block Chaining mode with chained initialization vectors. This allows man-in-the-middle attackers to obtain plaintext HTTP headers using a BCBA on an HTTPS session. This is in conjunction with JavaScript code that uses one of the following:
The ePO server doesn't use any of the three items above in a way that would allow this vulnerability to be successful. Therefore, this vulnerability isn't an issue.
Research and Conclusions This issue doesn't affect ePO. Disclaimer Any future product release dates mentioned in this statement are intended to outline our general product direction and shouldn't be relied on in making a purchasing decision:
Affected ProductsLanguages:This article is available in the following languages: |
|