🔍 What is Epolicy Orchestrator?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2023-5444

HIGH CVSS 8.0 Nov 17, 2023

A Cross-Site Request Forgery (CSRF) vulnerability in ePolicy Orchestrator (ePO) allows low-privileged remote users to add new administrator accounts by manipulating HTTP POST requests before they reac...

CVE-2021-3712

HIGH CVSS 7.4 Aug 24, 2021

This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination. Exploitation can lead to denial of service or me...

CVE-2021-23840

HIGH CVSS 7.5 Feb 16, 2021

This OpenSSL vulnerability involves integer overflow in cryptographic functions (EVP_CipherUpdate, EVP_EncryptUpdate, EVP_DecryptUpdate) when processing input near maximum permissible length. The over...