CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2330 – XXE vulnerability in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2022-2330
30 Aug 2022 — Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly. La vulnerabilidad de restricción inadecuada de la referencia a entidades externas XML en DLP Endpoint para Windows anterior a la versión 11.9.100 permite a un atacante remoto hacer que el age... • https://kcm.trellix.com/corporate/index?page=content&id=SB10386 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-4088 – Blind SQL injection in DLP ePO extension
https://notcve.org/view.php?id=CVE-2021-4088
24 Jan 2022 — SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation. Una vulnerabilidad de inyección SQL en la extensión de ePO de Data Loss Protection (DLP) versiones 11.8.x anteriores a 11.8.100, versiones 11.7.x anteriores a 11.7.101 y versiones 11.6.4... • https://kc.mcafee.com/corporate/index?page=content&id=SB10376 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31848 – Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-31848
01 Nov 2021 — Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension. Una vulnerabilidad de tipo cross site scripting (XSS) en la extensión de McAfee Data Loss Prevention (DLP) ePO versiones anteriores a 11.7.100, permite a un atacante remoto secuestrar una sesi... • https://kc.mcafee.com/corporate/index?page=content&id=SB10371 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31849 – Data Loss Prevention (DLP) ePO extension - SQL injection
https://notcve.org/view.php?id=CVE-2021-31849
01 Nov 2021 — SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension. Una vulnerabilidad de inyección SQL en la extensión de McAfee Data Loss Prevention (DLP) ePO versiones anteriores a 11.7.100, permite a un atacante remoto que haya iniciado sesión en ePO como administrador inyectar SQL arbitrario en la base de da... • https://kc.mcafee.com/corporate/index?page=content&id=SB10371 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31844 – Local Privilege Escalation in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-31844
17 Sep 2021 — A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size. Una vulnerabilidad de desbordamiento del búfer en McAfee Data Loss Prevent... • https://kc.mcafee.com/corporate/index?page=content&id=SB10368 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31845 – Remote Code Execution in McAfee DLP Discover
https://notcve.org/view.php?id=CVE-2021-31845
17 Sep 2021 — A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size. Una vulnerabilidad de desbordamiento de búfer en McA... • https://kc.mcafee.com/corporate/index?page=content&id=SB10368 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31832 – Cross site scripting vulnerability in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-31832
09 Jun 2021 — Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine. Una Neutralización Inapropiada de la Entrada en la extensión del administrador de ePO para McAfee Data Loss Prevention (DLP) Endpoint para Windows anterior a 11.6.200 permi... • https://kc.mcafee.com/corporate/index?page=content&id=SB10360 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23887 – Privilege escalation in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-23887
15 Apr 2021 — Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver. Una vulnerabilidad de Escalada de Privilegios en McAfee Data Loss Prevention (DLP) Endpoint para Windows anterior a versión 11.6.100, permit... • https://kc.mcafee.com/corporate/index?page=content&id=SB10354 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23886 – Local Denial of Service in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-23886
15 Apr 2021 — Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory. Una vulnerabilidad de Denegación de Servicio en McAfee Data Loss Prevention (DLP) Endpoint para Windows anterior a versión 11.6.100, permite a un atacante local, poco privilegiado, causar un BSoD al sus... • https://kc.mcafee.com/corporate/index?page=content&id=SB10354 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7346 – Privilege escalation in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2020-7346
23 Mar 2021 — Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time. Una vulnerabilidad de Escalada de Privilegios en McAfee Data Loss Prevention (DLP) para Windows versiones anteriores a 11.6.100, permite a un atac... • https://kc.mcafee.com/corporate/index?page=content&id=SB10344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •