CVE-2020-7302

DLP ePO extension - Unrestricted Upload of File with Dangerous Type

CVSS 5.4 MEDIUMEPSS 0.7%CWE-434

Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Produtos afetados

McAfee · DLP ePO extension

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://kc.mcafee.com/corporate/index?page=content&id=SB10326