CVE-2014-8518

Name of the Vulnerable Software and Affected Versions McAfee File and Removable Media Protection (FRP) version 4.3.0.x McAfee Endpoint Encryption for Files and Folders (EEFF) versions 3.2.x through 4.2.x

Description The issue concerns the use of a hard-coded salt in the encryption offsite access options of the affected software, making it easier for local users to obtain passwords via a brute force attack.

Recommendations For McAfee File and Removable Media Protection (FRP) version 4.3.0.x, update to a version that addresses the hard-coded salt issue. For McAfee Endpoint Encryption for Files and Folders (EEFF) versions 3.2.x through 4.2.x, update to a version that addresses the hard-coded salt issue. As a temporary workaround, consider restricting access to the removable media and CD and DVD encryption offsite access options until a patch is available.