Lucene search
HistoryOct 29, 2014 - 2:55 p.m.
CVE-2014-8531
cve-2014-8531
mcafee
ndlp
tls
ssl
weak cipher
remote code execution
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.4%
The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors.
Affected configurations
Node
mcafeenetwork_data_loss_preventionRange≤9.2.2
ORmcafeenetwork_data_loss_preventionMatch8.6
ORmcafeenetwork_data_loss_preventionMatch9.2.0
ORmcafeenetwork_data_loss_preventionMatch9.2.1
Related
cvelist
cvelist
CVE-2014-8531
2014-10-29 14:00:00
nvd
nvd
CVE-2014-8531
2014-10-29 14:55:04
prion
prion
Code injection
2014-10-29 14:55:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.4%
Related for CVE-2014-8531