Vulnerabilities > Mcafee > Data Exchange Layer > 2.0.0.430.1

DATE CVE VULNERABILITY TITLE RISK
2022-11-07 CVE-2022-2188 Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Data Exchange Layer
Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory.
local
low complexity
mcafee CWE-732
5.5
5.5
2020-02-17 CVE-2020-7252 Unquoted Search Path or Element vulnerability in Mcafee Data Exchange Layer
Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.
local
low complexity
mcafee CWE-428
5.5
5.5
2016-04-08 CVE-2016-3984 Improper Access Control vulnerability in Mcafee products
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
local
low complexity
mcafee CWE-284
5.1
5.1