CVE-2019-3621

Published: Jul 25, 2019Modified: Nov 21, 2024

6.2

Vector

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.3 / Impact: 5.9

Source: NVD

Description

Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine.

Affected (2)

Products: Mcafee: Data Loss Prevention Endpoint

1 product

Data Loss Prevention Endpoint

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Mcafee Data Loss Prevention Endpoint	From 11.0 to 11.1.200
Mcafee Data Loss Prevention Endpoint	From 11.2.000 to 11.3.0

Running on/with	Platform Versions
Microsoft Windows	All versions

References (4)

http://www.securityfocus.com/bid/109370

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10290

Source: trellixpsirt@trellix.com

http://www.securityfocus.com/bid/109370

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10290

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.