PT-2015-5874 · Mcafee · Mcafee Data Loss Prevention Endpoint

Publicado

2015-03-27

Atualizado

2016-12-03

CVE-2015-2758

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions McAfee Data Loss Prevention Endpoint (DLPe) versions prior to 9.3 Patch 4 Hotfix 16 (9.3.416.4)

Description The issue allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.

Recommendations For versions prior to 9.3 Patch 4 Hotfix 16 (9.3.416.4), update to version 9.3 Patch 4 Hotfix 16 (9.3.416.4) or later to resolve the issue. As a temporary workaround, consider restricting access to the ePO extension to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2015-2758

Produtos afetados

Mcafee Data Loss Prevention Endpoint

PT-2015-5874 · Mcafee · Mcafee Data Loss Prevention Endpoint

CVE-2015-2758

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3