CVE-2023-4814
https://notcve.org/view.php?id=CVE-2023-4814
A privilege escalation vulnerability exists in Trellix Windows DLP endpoint for Windows which can be abused to delete any file/folder for which the user does not have permission. • https://kcm.trellix.com/corporate/index?page=content&id=SB10407 • CWE-250: Execution with Unnecessary Privileges; CWE-863: Incorrect Authorization
CVE-2023-0400
https://notcve.org/view.php?id=CVE-2023-0400
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local drive was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data. • https://github.com/pinpinsec/CVE-2023-0400 • https://kcm.trellix.com/corporate/index?page=content&id=SB10394&locale=en_US • CWE-427: Uncontrolled Search Path Element; CWE-670: Always-Incorrect Control Flow Implementation
CVE-2022-1700
https://notcve.org/view.php?id=CVE-2022-1700
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTD (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2. Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2. Forcepoint Web Security Content Gateway versions prior to 8.5.5. • https://help.forcepoint.com/security/CVE/CVE-2022-1700.html • CWE-611: Improper Restriction of XML External Entity Reference
CVE-2021-4088 – Blind SQL injection in DLP ePO extension
https://notcve.org/view.php?id=CVE-2021-4088
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation. • https://kc.mcafee.com/corporate/index?page=content&id=SB10376 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-31832 – Cross site scripting vulnerability in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-31832
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine. • https://kc.mcafee.com/corporate/index?page=content&id=SB10360 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')