Mcafee

Data Loss Prevention

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2021-4088

  • EPSS 1.21%
  • Veröffentlicht 24.01.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:36:52

SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could...

4.8

CVE-2021-31832

  • EPSS 0.4%
  • Veröffentlicht 09.06.2021 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:06:19

Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. ...

7.8

CVE-2020-7346

  • EPSS 0.06%
  • Veröffentlicht 23.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:37:05

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires th...

5.2

CVE-2020-7307

  • EPSS 0.04%
  • Veröffentlicht 13.08.2020 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:37:02

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.

6.4

CVE-2020-7302

  • EPSS 0.59%
  • Veröffentlicht 13.08.2020 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.

4.1

CVE-2020-7303

  • EPSS 0.13%
  • Veröffentlicht 13.08.2020 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label.

7.6

CVE-2020-7304

  • EPSS 0.09%
  • Veröffentlicht 13.08.2020 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.

6.5

CVE-2020-7305

  • EPSS 0.16%
  • Veröffentlicht 13.08.2020 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials.

5.2

CVE-2020-7306

  • EPSS 0.04%
  • Veröffentlicht 13.08.2020 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text

6.3

CVE-2020-7300

  • EPSS 0.12%
  • Veröffentlicht 12.08.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:37:01

Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post mes...