KLA10509
Multiple vulnerabilities in McAfee DLPe
Updated: 05/22/2020
Detect date
?
03/27/2015
Severity
?
High
Description

Multiple serious vulnerabilities have been found in McAfee DLPe. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, inject arbitrary code or write local files.

Below is a complete list of vulnerabilities

  1. XSS vulnerability can be exploited remotely via an unspecified vectors;
  2. Multiple CSRF vulnerabilities cab be exploited remotely via requests hijack;
  3. An unknown vulnerabilities can be exploited remotely via a specially designed URL or other unspecified vectors.
Affected products

McAfee Data Loss Prevention Endpoint (DLPe) versions earlier than 9.3 Patch 4 Hotfix 16

Solution

Update to the latest version

Original advisories

McAfee bulletin

Impacts
?
OSI 
[?]

DoS 
[?]

CI 
[?]

SB 
[?]

WLF 
[?]
Related products
McAfee Data Loss Prevention Endpoint
CVE-IDS
?