Intel Mcafee · Epolicy Orchestrator · CVE-2015-8765
**Name of the Vulnerable Software and Affected Versions**
Intel McAfee ePolicy Orchestrator (ePO) versions 4.6.9 and earlier
Intel McAfee ePolicy Orchestrator (ePO) versions 5.0.x
Intel McAfee ePolicy Orchestrator (ePO) versions 5.1.x before 5.1.3 Hotfix 1106041
Intel McAfee ePolicy Orchestrator (ePO) versions 5.3.x before 5.3.1 Hotfix 1106041
**Description**
The issue allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
**Recommendations**
For versions 4.6.9 and earlier, update to a version later than 4.6.9.
For versions 5.0.x, update to a version later than 5.0.x.
For versions 5.1.x before 5.1.3 Hotfix 1106041, apply Hotfix 1106041 or update to version 5.1.3 or later.
For versions 5.3.x before 5.3.1 Hotfix 1106041, apply Hotfix 1106041 or update to version 5.3.1 or later.