CVE-2022-1700
https://notcve.org/view.php?id=CVE-2022-1700
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTDs (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2; Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2; Forcepoint Web Security Content Gateway versions prior to 8.5.5. • https://help.forcepoint.com/security/CVE/CVE-2022-1700.html • CWE-611: Improper Restriction of XML External Entity Reference
CVE-2021-31832 – Cross site scripting vulnerability in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-31832
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine. • https://kc.mcafee.com/corporate/index?page=content&id=SB10360 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-6590
https://notcve.org/view.php?id=CVE-2020-6590
Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure. • https://help.forcepoint.com/security/CVE/CVE-2020-6590.html • CWE-611: Improper Restriction of XML External Entity Reference
CVE-2020-7346 – Privilege escalation in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2020-7346
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low-privileged attacker, through the use of junctions, to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time. • https://kc.mcafee.com/corporate/index?page=content&id=SB10344 • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2020-7307 – DLP for Mac - Unprotected Storage of Credentials
https://notcve.org/view.php?id=CVE-2020-7307
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials. • https://kc.mcafee.com/corporate/index?page=content&id=SB10326 • CWE-522: Insufficiently Protected Credentials