Vulnerabilities > CVE-2019-3622 - Files or Directories Accessible to External Parties vulnerability in Mcafee Data Loss Prevention Endpoint
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Windows |
| NASL id | MCAFEE_DLPE_SB10290.NASL |
| description | The version of the McAfee Data Loss Prevention Endpoint (DLPe) Agent installed on the remote Windows host is prior to 11.1.200 or 11.2.x. It is, therefore, affected by multiple vulnerabilities: - Stored XSS in the ePO extension UI. (CVE-2019-3591) - Authenticated command injection in the ePO extension. (CVE-2019-3595) - Physical access authentication bypass. (CVE-2019-3621) - Arbitrary log file redirect. (CVE-2019-3622) |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 127117 |
| published | 2019-08-05 |
| reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/127117 |
| title | McAfee DLPe Agent < 11.1.200 / 11.2.x Multiple Vulnerabilities (SB10289) (SB10290) |