CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2014-8531
https://notcve.org/view.php?id=CVE-2014-8531
29 Oct 2014 — The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors. El servidor TLS/SSL en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 utiliza algoritmos de cifrado débiles, lo que facilita a usuarios remotos autenticados ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/70831 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8522
https://notcve.org/view.php?id=CVE-2014-8522
29 Oct 2014 — The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access. La base de datos MySQL en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 no requiere una contraseña, lo que facilita a atacantes remotos obtener el acceso. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8527
https://notcve.org/view.php?id=CVE-2014-8527
29 Oct 2014 — McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password." McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible y afectar la integridad a través de vectores relacionados con una 'contraseña de texto plano.' • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-255: Credentials Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8532
https://notcve.org/view.php?id=CVE-2014-8532
29 Oct 2014 — Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. Vulnerabilidad no especificada en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible y impactar la integridad a través de vectores desconocidos, relacionado con el montaje de partición. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8523
https://notcve.org/view.php?id=CVE-2014-8523
29 Oct 2014 — Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8534
https://notcve.org/view.php?id=CVE-2014-8534
29 Oct 2014 — Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. Vulnerabilidad no especificada en el formulario de inicio de sesión en McAfee Network Data Loss Prevention (NDLP) anterior a 9.2.2 permite a usuarios locales causar una denegación de servicio a través de un valor manipulado en el campo del dominio. • https://kc.mcafee.com/corporate/index?page=content&id=SB10044 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8537
https://notcve.org/view.php?id=CVE-2014-8537
29 Oct 2014 — McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. McAfee Network Data Loss Prevention (NDLP) anterior a 9.2.2 permite a usuarios locales obtener información sensible mediante la lectura de los registros. • http://www.securityfocus.com/bid/70835 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8536
https://notcve.org/view.php?id=CVE-2014-8536
29 Oct 2014 — McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. McAfee Network Data Loss Prevention (NDLP) anterior a 9.2.2 permite a usuarios locales obtener información sensible mediante la lectura de mensajes de error no especificados. • http://www.securityfocus.com/bid/70840 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8529
https://notcve.org/view.php?id=CVE-2014-8529
29 Oct 2014 — McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 almacena la clave SSH en texto plano, lo que permite a usuarios locales obtener información sensible a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-5117
https://notcve.org/view.php?id=CVE-2009-5117
22 Aug 2012 — The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. La funcionalidad Web Post Protection en McAfee Host Data Loss Prevention (DLP) v3.x anteriores a v3.0.100.10 y v9.x anteriores a v9.0.0.422, cunado el modo HTTP Capture está activado, permite a usuarios locales a obtener información sensible del tráfico web... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78447 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •