Page 3 of 30 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access. La base de datos MySQL en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 no requiere una contraseña, lo que facilita a atacantes remotos obtener el acceso. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 no incluye el indicador HTTPOnly en una cabecera Set-Cookie para la cookie de la sesión, lo que facilita a atacantes remotos obtener información potencialmente sensible a través del acceso de secuencias de comandos a esta cookie. • http://www.securityfocus.com/bid/70823 https://exchange.xforce.ibmcloud.com/vulnerabilities/98431 https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors. El servidor TLS/SSL en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 utiliza algoritmos de cifrado débiles, lo que facilita a usuarios remotos autenticados ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/70831 https://exchange.xforce.ibmcloud.com/vulnerabilities/98432 https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 registra los identificadores de las sesione, lo que permite a usuarios locales obtener información sensible mediante la lectura del registro de auditoria. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.6EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. Vulnerabilidad no especificada en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible y impactar la integridad a través de vectores desconocidos, relacionado con el montaje de partición. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 •