CVE-2019-3622

Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:42

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/109370 - () http://www.securityfocus.com/bid/109370 -
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10290 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10290 -

07 Nov 2023, 03:10

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/109370 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/109370 -
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10290 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10290 -

Information

Published : 2019-07-24 16:15

Updated : 2024-11-21 04:42


NVD link : CVE-2019-3622

Mitre link : CVE-2019-3622

CVE.ORG link : CVE-2019-3622


JSON object : View

Products Affected

microsoft

  • windows

mcafee

  • data_loss_prevention_endpoint
CWE
CWE-552

Files or Directories Accessible to External Parties