4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The version of the McAfee Data Loss Prevention Endpoint (DLPe) Agent installed on the remote Windows host is 11.x prior to 11.1.210.32, 11.2.x, or 11.3.x prior to 11.3.2.8. It is, therefore, affected by multiple vulnerabilities:
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to ‘blue screen’ via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory. (CVE-2019-3633)
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to ‘blue screen’ via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory. (CVE-2019-3634)
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(128416);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/30");
script_cve_id("CVE-2019-3633", "CVE-2019-3634");
script_xref(name:"MCAFEE-SB", value:"SB10295");
script_xref(name:"IAVA", value:"2019-A-0308-S");
script_name(english:"McAfee DLPe Agent 11.x < 11.1.210.32 / 11.2.x / 11.3.x < 11.3.2.8 Multiple Vulnerabilities (SB10295)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of the McAfee Data Loss Prevention Endpoint (DLPe) Agent installed on the remote Windows host is 11.x
prior to 11.1.210.32, 11.2.x, or 11.3.x prior to 11.3.2.8. It is, therefore, affected by multiple vulnerabilities:
- Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause
the Windows operating system to 'blue screen' via a carefully constructed message sent to DLPe which bypasses DLPe
internal checks and results in DLPe reading unallocated memory. (CVE-2019-3633)
- Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause
the Windows operating system to 'blue screen' via an encrypted message sent to DLPe which when decrypted results in
DLPe reading unallocated memory. (CVE-2019-3634)");
script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10295");
script_set_attribute(attribute:"solution", value:
"Upgrade to McAfee DLPe 11.1.210.32 or 11.3.2.8 or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3634");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/21");
script_set_attribute(attribute:"patch_publication_date", value:"2019/08/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:data_loss_prevention_endpoint");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mcafee_dlpe_agent_installed.nbin");
script_require_keys("installed_sw/McAfee DLPe Agent", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
app_info = vcf::get_app_info(app:'McAfee DLPe Agent', win_local:TRUE);
constraints = [
{ 'min_version':'11.0', 'fixed_version':'11.1.210.32' },
{ 'min_version':'11.2', 'fixed_version':'11.3.2.8' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
mcafee | data_loss_prevention_endpoint | cpe:/a:mcafee:data_loss_prevention_endpoint |
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%