110 matches found
CVE-2017-4012
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request...
CVE-2017-4016
Web Server method disclosure in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote attackers to exploit and find another hole via HTTP response header...
Information disclosure
Banner Disclosure in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote attackers to obtain product information via HTTP response header...
Design/Logic Flaw
Web Server method disclosure in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote attackers to exploit and find another hole via HTTP response header...
CVE-2017-4012
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request...
CVE-2017-4014
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request...
CVE-2017-4015
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header...
CVE-2017-4016
Web Server method disclosure in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote attackers to exploit and find another hole via HTTP response header...
CVE-2017-4015
CVE-2017-4015 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. A remote authenticated attacker can hijack the victim’s click actions by sending specially crafted HTTP response headers to inject arbitrary web scripts/HTML. Root cause: improper validation of user-supplied HTTP response hea...
CVE-2017-4011
McAfee Network Data Loss Prevention (NDLP) 9.3.x is affected by a Cross‑Site Scripting (XSS) vulnerability in the server (notably via the User‑Agent header as per the nuclei template) that allowed remote attackers to view session/cookie data by modifying HTTP requests. Exploitation details are pr...
CVE-2017-4016
CVE-2017-4016 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. The Web server allows information disclosure through HTTP response headers, enabling remote attackers to reveal additional vulnerabilities via the header leakage. CVSS data indicates network access with low privileges and par...
CVE-2017-4012
CVE-2017-4012 affects McAfee Network Data Loss Prevention (NDLP) server components in NDLP 9.3.x. The vulnerability allows remote authenticated users to view confidential information by modifying an HTTP request, constituting a privilege-escalation issue. Documents consistently describe impact as...
CVE-2017-4014
CVE-2017-4014 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. The vulnerability is described as a session-side hijack in the server, allowing remote authenticated users to view, add, and remove users by modifying HTTP requests. Affected component is the server implementation of NDLP 9.3...
CVE-2017-4013
CVE-2017-4013 concerns the McAfee Network Data Loss Prevention (NDLP) server. The connected sources describe a banner/info-disclosure vulnerability in NDLP 9.3.x where remote attackers can obtain product information through HTTP response headers. No details about vulnerable subsystems, exact root...
CVE-2017-4017
McAfee Network Data Loss Prevention (NDLP) 9.3.x contains an information disclosure vulnerability in the server implementation that allows remote attackers to view user information via the appliance web interface. Public sources in connected documents corroborate that an attacker can exploit the ...
CVE-2014-8535
McAfee Network Data Loss Prevention NDLP before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via unknown vectors...
CVE-2014-8534
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention NDLP before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field...
CVE-2014-8537
McAfee Network Data Loss Prevention NDLP before 9.2.2 allows local users to obtain sensitive information by reading the logs...
CVE-2014-8536
McAfee Network Data Loss Prevention NDLP before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages...
CVE-2014-8526
McAfee Network Data Loss Prevention NDLP before 9.3 allows local users to obtain sensitive information by reading a Java stack trace...