CVE-2018-6689

Data Loss Prevention Endpoint (DLPe) - Authentication Bypass vulnerability

CVSS 7 HIGHEPSS 0.4%

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

03 Oct 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.

CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Affected products

McAfee · Data Loss Prevention Endpoint (DLPe)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10252 http://www.securitytracker.com/id/1041908