Lucene search
K
McafeeNetwork Data Loss Prevention

31 matches found

CVE
CVE
added 2004/05/05 4:0 a.m.805 views

CVE-2004-0230

Technical details beyond the public description are not provided in the supplied documents. CVE-2004-0230 describes a TCP sequence-number guessing/RST-injection denial-of-service under large window size; no remediation details are given here.

5CVSS9.1AI score0.80855EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.67 views

CVE-2017-4011

McAfee Network Data Loss Prevention (NDLP) 9.3.x is affected by a Cross‑Site Scripting (XSS) vulnerability in the server (notably via the User‑Agent header as per the nuclei template) that allowed remote attackers to view session/cookie data by modifying HTTP requests. Exploitation details are pr...

6.1CVSS6.1AI score0.03271EPSS
CVE
CVE
added 2017/10/31 2:0 p.m.62 views

CVE-2017-3934

CVE-2017-3934 affects McAfee Network Data Loss Prevention (NDLP) server v9.3.x. The vulnerability is due to missing HTTP Strict Transport Security (HSTS) state, enabling MITM attackers to access confidential data by reading files on the web server. Descriptions in connected CNVD/NVD entries corro...

5.9CVSS5.4AI score0.00991EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.62 views

CVE-2017-4013

CVE-2017-4013 concerns the McAfee Network Data Loss Prevention (NDLP) server. The connected sources describe a banner/info-disclosure vulnerability in NDLP 9.3.x where remote attackers can obtain product information through HTTP response headers. No details about vulnerable subsystems, exact root...

5.3CVSS5.1AI score0.01049EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.56 views

CVE-2017-4017

McAfee Network Data Loss Prevention (NDLP) 9.3.x contains an information disclosure vulnerability in the server implementation that allows remote attackers to view user information via the appliance web interface. Public sources in connected documents corroborate that an attacker can exploit the ...

5.3CVSS5.2AI score0.01049EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.55 views

CVE-2017-4015

CVE-2017-4015 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. A remote authenticated attacker can hijack the victim’s click actions by sending specially crafted HTTP response headers to inject arbitrary web scripts/HTML. Root cause: improper validation of user-supplied HTTP response hea...

4.5CVSS4.5AI score0.01067EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.54 views

CVE-2014-8528

CVE-2014-8528 affects McAfee Network Data Loss Prevention (NDLP) prior to 9.3. The issue is that session IDs are logged, allowing local users to read the audit log and obtain sensitive information (partial confidentiality impact). No remediation or patch/version details are provided in the suppli...

2.1CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.52 views

CVE-2014-8520

CVE-2014-8520 affects McAfee Network Data Loss Prevention (NDLP) older than version 9.3. Public sources describe an information disclosure vulnerability where remote attackers can obtain sensitive data via vectors related to open network ports. The available documents do not provide specific tech...

5CVSS6.2AI score0.01354EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.52 views

CVE-2014-8522

CVE-2014-8522 concerns the MySQL database component used by McAfee Network Data Loss Prevention (NDLP). The vulnerability stems from the NDLP deployment permitting unauthenticated access to its MySQL database prior to version 9.3, meaning remote attackers could gain access without credentials. Pu...

7.5CVSS6.7AI score0.01254EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.52 views

CVE-2014-8525

CVE-2014-8525 affects McAfee Network Data Loss Prevention (NDLP) prior to 9.3, where the session cookie Set-Cookie header omits the HttpOnly flag. This allows script access to the cookie, potentially exposing sensitive information. The provided sources describe the issue but do not specify affect...

5CVSS6.2AI score0.01354EPSS
CVE
CVE
added 2018/06/13 8:0 p.m.52 views

CVE-2017-3968

CVE-2017-3968 concerns a session fixation vulnerability in the web interface of McAfee Network Security Manager (NSM) and Network Data Loss Prevention (NDLP). The issue allows remote attackers to disclose sensitive information or manipulate the underlying database by exploiting a crafted authenti...

9.1CVSS8.3AI score0.01497EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.51 views

CVE-2014-8535

CVE-2014-8535 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.2.2. The vulnerability allows local users to bypass a restriction on an unspecified functionality via unknown vectors. The provided documents identify the affected product and version and describe the impact (bypa...

4.6CVSS6.5AI score0.00317EPSS
CVE
CVE
added 2017/10/31 2:0 p.m.51 views

CVE-2017-3935

CVE-2017-3935 affects McAfee Network Data Loss Prevention (NDLP). All connected sources describe a MIME type sniffing vulnerability where the response body could be interpreted/displayed as a content type different from the intended one, potentially impacting how IE renders the content. The root ...

7.5CVSS7.4AI score0.01033EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.50 views

CVE-2014-8530

The vulnerability CVE-2014-8530 affects McAfee Network Data Loss Prevention (NDLP) before version 9.3. It is described as an unspecified vulnerability allowing remote attackers to obtain sensitive information, impact integrity, or cause a denial of service via unknown vectors, with the issue rela...

7.5CVSS7AI score0.01323EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.50 views

CVE-2017-4012

CVE-2017-4012 affects McAfee Network Data Loss Prevention (NDLP) server components in NDLP 9.3.x. The vulnerability allows remote authenticated users to view confidential information by modifying an HTTP request, constituting a privilege-escalation issue. Documents consistently describe impact as...

6.5CVSS6AI score0.01259EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.50 views

CVE-2017-4014

CVE-2017-4014 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. The vulnerability is described as a session-side hijack in the server, allowing remote authenticated users to view, add, and remove users by modifying HTTP requests. Affected component is the server implementation of NDLP 9.3...

8CVSS7.4AI score0.00861EPSS
CVE
CVE
added 2017/05/17 9:0 p.m.50 views

CVE-2017-4016

CVE-2017-4016 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. The Web server allows information disclosure through HTTP response headers, enabling remote attackers to reveal additional vulnerabilities via the header leakage. CVSS data indicates network access with low privileges and par...

5.3CVSS5.3AI score0.01049EPSS
CVE
CVE
added 2017/10/31 2:0 p.m.49 views

CVE-2017-3933

McAfee Network Data Loss Prevention (NDLP) 9.3.x is affected by a vulnerability described as Embedding Script (XSS) in HTTP Headers, allowing remote authenticated users to view confidential information via a cross-site request forgery (CSRF) attack. The issue, as documented across multiple source...

5.4CVSS5AI score0.00642EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.47 views

CVE-2014-8519

McAfee Network Data Loss Prevention (NDLP)

2.1CVSS6.4AI score0.00318EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.47 views

CVE-2014-8534

Technical details such as affected products/versions, root cause, exploitability, or fixes are not publicly provided in the connected documents. Monitor for updates from vendors and advisories to obtain concrete information.

2.1CVSS6.3AI score0.00293EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.46 views

CVE-2014-8524

CVE-2014-8524 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.3. The vulnerability arises because the autocomplete setting for passwords and other fields is not disabled, allowing remote attackers to obtain sensitive information via unspecified vectors. This is corroborated ...

5CVSS6.6AI score0.01186EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.46 views

CVE-2014-8529

CVE-2014-8529 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.3. The issue is that the product stores the SSH key in cleartext, enabling local users to obtain sensitive information via unspecified vectors. The documents provide the vulnerability presence and its information-...

2.1CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.46 views

CVE-2014-8532

Technical details about CVE-2014-8532 are not publicly available in the provided documents. The records describe an unspecified vulnerability in McAfee NDLP prior to 9.3 but do not specify affected components, root cause, or fixes. Monitor for updates.

3.6CVSS6AI score0.00317EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.45 views

CVE-2014-8526

McAfee Network Data Loss Prevention (NDLP) prior to version 9.3 is affected by a local information-disclosure vulnerability where an attacker can read a Java stack trace to obtain sensitive information. The available documents confirm the affected product and symptom (stack trace exposure) and th...

2.1CVSS5.9AI score0.00371EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.45 views

CVE-2014-8537

CVE-2014-8537 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.2.2. The vulnerability allows local users to obtain sensitive information by reading NDLP logs. The available documents confirm the affected product and the basic impact (information disclosure via logs); a deeper...

2.1CVSS5.9AI score0.0033EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.44 views

CVE-2014-8523

CVE-2014-8523 describes a CSRF vulnerability in McAfee Network Data Loss Prevention (NDLP) prior to version 9.3. The flaw could allow remote attackers to hijack the authentication of unspecified victims via unknown vectors; the exact attack vectors and exploited components are not detailed in the...

6.8CVSS7.3AI score0.00576EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.44 views

CVE-2014-8527

CVE-2014-8527 affects McAfee Network Data Loss Prevention (NDLP) prior to 9.3. The issue allows local users to obtain sensitive information and affect integrity through vectors related to a plain text password. The description provides affected product and root cause (plain text password handling...

3.6CVSS5.8AI score0.00317EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.44 views

CVE-2014-8531

The CVE-2014-8531 entry concerns McAfee Network Data Loss Prevention (NDLP) TLS/SSL Server prior to version 9.3. The issue is that the TLS/SSL Server uses weak cipher algorithms, enabling remote authenticated users to execute arbitrary code via unspecified vectors. Documents explicitly link the v...

6.5CVSS7.5AI score0.01921EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.44 views

CVE-2014-8536

CVE-2014-8536 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.2.2. The issue is a local information-disclosure vulnerability where local users can obtain sensitive data by reading unspecified error messages. Affected component is NDLP; root cause described as error messaging...

2.1CVSS6AI score0.0033EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.43 views

CVE-2014-8521

CVE-2014-8521 is an XSS vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3, where remote authenticated users can inject arbitrary web script or HTML via unspecified vectors. The NVD entry assigns a low impact (CVSSv2 base score 3.5) with network access and partial integrity im...

3.5CVSS5.4AI score0.0039EPSS
CVE
CVE
added 2014/10/29 2:0 p.m.41 views

CVE-2014-8533

CVE-2014-8533 affects McAfee Network Data Loss Prevention (NDLP) prior to version 9.3. The issue allows remote attackers to execute arbitrary code via vectors related to ICMP redirection, resulting in potential impact to confidentiality, integrity, and availability as stated by NVD (base score 7....

7.5CVSS7.9AI score0.02173EPSS