CVE-2018-6664

Published: May 25, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.

Affected (2)

Products: Mcafee: Data Loss Prevention Endpoint

1 product

Data Loss Prevention Endpoint

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Data Loss Prevention Endpoint	Before 10.0.500

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Mcafee Data Loss Prevention Endpoint	Before 11.0.400

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (7)

http://www.securityfocus.com/bid/104299

Source: trellixpsirt@trellix.com

http://www.securitytracker.com/id/1040895

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10237

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10233

Source: nvd@nist.gov

Vendor Advisory

http://www.securityfocus.com/bid/104299

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1040895

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10237

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.