Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DLP Endpoint log file redirection to arbitrary locations
Vulnerability Description
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
CVSS Information
N/A
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
McAfee Data Loss Prevention Endpoint 访问控制错误漏洞
Vulnerability Description
McAfee Data Loss Prevention Endpoint(DLPe)是美国迈克菲(McAfee)公司的一套集成式终端数据保护解决方案。该方案能够防止机密数据被盗和意外泄露,并提供针对文件处理和传输的安全策略、共享终端数据流控制和数据加密等功能。 基于Windows平台的McAfee DLPe 11.3.0之前的11.x版本中存在安全漏洞,该漏洞源于程序没有对DLPe日志文件夹进行正确的访问控制。攻击者可利用该漏洞将DLPe日志文件重定向到任意位置。
CVSS Information
N/A
Vulnerability Type
N/A