KLA10509
Multiple vulnerabilities in McAfee DLPe
Обновлено: 17/06/2019
Дата обнаружения
27/03/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in McAfee DLPe. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, inject arbitrary code or write local files.

Below is a complete list of vulnerabilities

  1. XSS vulnerability can be exploited remotely via an unspecified vectors;
  2. Multiple CSRF vulnerabilities cab be exploited remotely via requests hijack;
  3. An unknown vulnerabilities can be exploited remotely via a specially designed URL or other unspecified vectors.
Пораженные продукты

McAfee Data Loss Prevention Endpoint (DLPe) versions earlier than 9.3 Patch 4 Hotfix 16

Решение

Update to the latest version

Первичный источник обнаружения
McAfee bulletin
Оказываемое влияние
?
OSI 
[?]

DoS 
[?]

CI 
[?]

SB 
[?]

WLF 
[?]
Связанные продукты
McAfee Data Loss Prevention Endpoint
CVE-IDS