CVE-2015-2758 — Data Loss Prevention Endpoint vulnerability

CWE-2643 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 39.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Data Loss Prevention Endpoint

Timeline

PublishedMar 27

Latest updateMay 17

Description

The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmcafee/data_loss_prevention_endpoint9.3.400

🔴Vulnerability Details

GHSA

GHSA-wf3f-hjgc-r6jc: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9↗2022-05-17

▶

CVEList

CVE-2015-2758: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9↗2015-03-27

▶