Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XXE vulnerability in DLP Endpoint for Windows
Vulnerability Description
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
McAfee DLP Endpoint 代码问题漏洞
Vulnerability Description
McAfee DLP Endpoint是美国McAfee公司的一种数据丢失防护 (DLP) 端点。防止机密数据被盗和意外泄露。 McAfee DLP Endpoint 11.9.100 和 11.6.600版本存在代码问题漏洞,该漏洞源于XML 外部实体引用漏洞的不当限制,攻击者利用该漏洞可以使用 DLP Agent 访问。
CVSS Information
N/A
Vulnerability Type
N/A