Vulnerabilities > Mcafee > Network Data Loss Prevention > 9.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-29 | CVE-2014-8523 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1 Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2014-10-29 | CVE-2014-8522 | Improper Authentication vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1 The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access. | 7.5 |
| 2014-10-29 | CVE-2014-8521 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1 Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2014-10-29 | CVE-2014-8520 | Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0/9.2.1 McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports. | 5.0 |
| 2004-08-18 | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | 5.0 |