Vulnerabilities > Mcafee > Data Exchange Layer > 2.0.0.430.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-07 | CVE-2022-2188 | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Data Exchange Layer Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. | 5.5 |
2020-02-17 | CVE-2020-7252 | Unquoted Search Path or Element vulnerability in Mcafee Data Exchange Layer Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | 5.5 |
2016-04-08 | CVE-2016-3984 | Improper Access Control vulnerability in Mcafee products The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. | 5.1 |