3 matches found
McAfee Data Loss Prevention ePO extension Blind SQLi (SB10376)
The remote host is running a version of McAfee ePolicy Orchestrator that is affected by a blind SQL injection vulnerability that allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with...
CVE-2021-4088 Blind SQL injection in DLP ePO extension
SQL injection vulnerability in Data Loss Protection DLP ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server...
CVE-2021-4088
CVE-2021-4088 describes a SQL injection in McAfee Data Loss Prevention (DLP) ePO extension. The vulnerability affects DLP ePO extension versions 11.6.401 and 11.7.x up to 11.7.100, and 11.8.x prior to 11.8.100, allowing a remote authenticated attacker to inject unfiltered SQL into the DLP portion...