PT-2018-17703 · Mcafee+1 · Mcafee Data Loss Prevention Endpoint+1

Published

2018-05-25

Updated

2019-10-09

CVE-2018-6664

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions McAfee Data Loss Prevention (DLP) Endpoint versions prior to 10.0.500 McAfee Data Loss Prevention (DLP) Endpoint versions prior to 11.0.400

Description The issue allows authenticated users to bypass the product block action via a command-line utility. This is related to an Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint.

Recommendations For versions prior to 10.0.500, update to version 10.0.500 or later. For versions prior to 11.0.400, update to version 11.0.400 or later.

Fix

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-347

Related Identifiers

CVE-2018-6664

Affected Products

Mcafee Data Loss Prevention Endpoint

Windows

PT-2018-17703 · Mcafee+1 · Mcafee Data Loss Prevention Endpoint+1

CVE-2018-6664

Weakness Enumeration

Related Identifiers

Affected Products

References · 6