Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Data Loss Prevention (DLP) Endpoint by McAfee
CVE-2018-6664 (GCVE-0-2018-6664)
Vulnerability from nvd – Published: 2018-05-25 13:00 – Updated: 2024-09-16 17:54
VLAI
Title
SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability
Summary
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.
Severity
5.8 (Medium)
CWE
- Application Protection Bypass vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104299 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1040895 | vdb-entryx_refsource_SECTRACK |
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| McAfee | Data Loss Prevention (DLP) Endpoint |
Affected:
10 , < 10.0.500
(custom)
|
|
| McAfee | Data Loss Prevention (DLP) Endpoint |
Affected:
11 , < 11.0.400
(custom)
|
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86"
],
"product": "Data Loss Prevention (DLP) Endpoint",
"vendor": "McAfee",
"versions": [
{
"lessThan": "10.0.500",
"status": "affected",
"version": "10",
"versionType": "custom"
}
]
},
{
"product": "Data Loss Prevention (DLP) Endpoint",
"vendor": "McAfee",
"versions": [
{
"lessThan": "11.0.400",
"status": "affected",
"version": "11",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Application Protection Bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-30T09:57:01.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"name": "104299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"source": {
"advisory": "SB10233",
"discovery": "EXTERNAL"
},
"title": "SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2018-05-08T17:00:00.000Z",
"ID": "CVE-2018-6664",
"STATE": "PUBLIC",
"TITLE": "SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data Loss Prevention (DLP) Endpoint",
"version": {
"version_data": [
{
"affected": "\u003c",
"platform": "x86",
"version_affected": "\u003c",
"version_name": "10",
"version_value": "10.0.500"
}
]
}
},
{
"product_name": "Data Loss Prevention (DLP) Endpoint",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "11",
"version_value": "11.0.400"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Application Protection Bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040895"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
]
},
"source": {
"advisory": "SB10233",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6664",
"datePublished": "2018-05-25T13:00:00.000Z",
"dateReserved": "2018-02-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:54:18.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6664 (GCVE-0-2018-6664)
Vulnerability from cvelistv5 – Published: 2018-05-25 13:00 – Updated: 2024-09-16 17:54
VLAI
Title
SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability
Summary
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.
Severity
5.8 (Medium)
CWE
- Application Protection Bypass vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104299 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1040895 | vdb-entryx_refsource_SECTRACK |
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| McAfee | Data Loss Prevention (DLP) Endpoint |
Affected:
10 , < 10.0.500
(custom)
|
|
| McAfee | Data Loss Prevention (DLP) Endpoint |
Affected:
11 , < 11.0.400
(custom)
|
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86"
],
"product": "Data Loss Prevention (DLP) Endpoint",
"vendor": "McAfee",
"versions": [
{
"lessThan": "10.0.500",
"status": "affected",
"version": "10",
"versionType": "custom"
}
]
},
{
"product": "Data Loss Prevention (DLP) Endpoint",
"vendor": "McAfee",
"versions": [
{
"lessThan": "11.0.400",
"status": "affected",
"version": "11",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Application Protection Bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-30T09:57:01.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"name": "104299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"source": {
"advisory": "SB10233",
"discovery": "EXTERNAL"
},
"title": "SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2018-05-08T17:00:00.000Z",
"ID": "CVE-2018-6664",
"STATE": "PUBLIC",
"TITLE": "SB10233 - Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 - Application Protections Bypass vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data Loss Prevention (DLP) Endpoint",
"version": {
"version_data": [
{
"affected": "\u003c",
"platform": "x86",
"version_affected": "\u003c",
"version_name": "10",
"version_value": "10.0.500"
}
]
}
},
{
"product_name": "Data Loss Prevention (DLP) Endpoint",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "11",
"version_value": "11.0.400"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Application Protection Bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104299"
},
{
"name": "1040895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040895"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
]
},
"source": {
"advisory": "SB10233",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6664",
"datePublished": "2018-05-25T13:00:00.000Z",
"dateReserved": "2018-02-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:54:18.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}