Sql injection

2021-11-0120:15:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

JSON

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.

CPENameOperatorVersion
data_loss_prevention_endpointge11.6.0
data_loss_prevention_endpointlt11.6.400
data_loss_prevention_endpointge11.7.0
data_loss_prevention_endpointlt11.7.100

Name	Operator	Version
data_loss_prevention_endpoint	ge	11.6.0
data_loss_prevention_endpoint	lt	11.6.400
data_loss_prevention_endpoint	ge	11.7.0
data_loss_prevention_endpoint	lt	11.7.100

References

kc.mcafee.com/corporate/index?page=content&id=SB10371