CVE-2018-6689

Published: Oct 3, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.

Affected (2)

Products: Mcafee: Data Loss Prevention Endpoint

Mcafee

1 product

Data Loss Prevention Endpoint

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Mcafee Data Loss Prevention Endpoint	From 10.0.0 to 10.0.510
Mcafee Data Loss Prevention Endpoint	From 11.0.0 to 11.0.600

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www.securitytracker.com/id/1041908

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10252

Source: trellixpsirt@trellix.com

http://www.securitytracker.com/id/1041908

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10252

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.