McAfee’s Enterprise Security Manager (ESM) needs patching, as promptly as you can manage, because of an administrator-level authentication bypass. The advisory says that “a specially crafted username” can get past the Security Information and Event Management (SIEM) product’s login without a password “if the ESM is configured to use Active Directory or LDAP”. That gives the attacker access as NGCP, the default username created at first installation, without the password assigned to NGCP at creation ever being checked.
ORIGINAL STORY: The Register