CVE-2019-3622
7.5
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Summary
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee, LLC | Data Loss Prevention (DLPe) for Windows | 11.x < 11.3.0 | affected |
Weaknesses
- CWE-552: CWE-552 Files or Directories Accessible to External Parties
ADP Enrichment
CVE Program Container
Additional References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10290
- http://www.securityfocus.com/bid/109370
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10290
- http://www.securityfocus.com/bid/109370
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.