Lucene search

TrellixCVELIST:CVE-2018-6689

HistoryOct 03, 2018 - 12:00 p.m.

CVE-2018-6689 Data Loss Prevention Endpoint (DLPe) - Authentication Bypass vulnerability

2018-10-0312:00:00

trellix

www.cve.org

7 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.

CNA Affected

[
  {
    "platforms": [
      "x86"
    ],
    "product": "Data Loss Prevention Endpoint (DLPe)",
    "vendor": "McAfee",
    "versions": [
      {
        "lessThan": "10.0.0*",
        "status": "affected",
        "version": "10.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "10.0.510*",
        "status": "unaffected",
        "version": "10.0.510",
        "versionType": "custom"
      },
      {
        "lessThan": "11.0.0*",
        "status": "affected",
        "version": "11.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "11.0.600*",
        "status": "unaffected",
        "version": "11.0.600",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securitytracker.com/id/1041908

kc.mcafee.com/corporate/index?page=content&id=SB10252

7 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CVELIST:CVE-2018-6689