Vulnerabilities > CVE-2019-3622 - Files or Directories Accessible to External Parties vulnerability in Mcafee Data Loss Prevention Endpoint

047910
CVSS 8.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
mcafee
CWE-552
nessus

Summary

Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.

Nessus

NASL familyWindows
NASL idMCAFEE_DLPE_SB10290.NASL
descriptionThe version of the McAfee Data Loss Prevention Endpoint (DLPe) Agent installed on the remote Windows host is prior to 11.1.200 or 11.2.x. It is, therefore, affected by multiple vulnerabilities: - Stored XSS in the ePO extension UI. (CVE-2019-3591) - Authenticated command injection in the ePO extension. (CVE-2019-3595) - Physical access authentication bypass. (CVE-2019-3621) - Arbitrary log file redirect. (CVE-2019-3622)
last seen2020-06-01
modified2020-06-02
plugin id127117
published2019-08-05
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/127117
titleMcAfee DLPe Agent < 11.1.200 / 11.2.x Multiple Vulnerabilities (SB10289) (SB10290)