CVE-2019-3621

3 documents3 sources
Severity
6.2MEDIUM
EPSS
0.1%
top 81.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee, LLC Data Loss Prevention (dlpe) FOR WindowsMcafee Data Loss Prevention Endpoint
Timeline
PublishedJul 25
Latest updateMay 24

Description

Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine.

CVSS vector

CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:HExploitability: 0.2 | Impact: 6.0

Affected Packages2 packages

NVDmcafee/data_loss_prevention_endpoint11.011.1.200+1

🔴Vulnerability Details

2
GHSA
GHSA-jc2x-2479-3mxp: Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 112022-05-24
CVEList
DLP Endpoint Windows lock screen bypass with physical access2019-07-25
CVE-2019-3621 (MEDIUM CVSS 6.2) | Authentication protection bypass vu | cvebase.io