CVE-2019-3622

Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:10

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/109370 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/109370 -
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10290 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10290 -

Information

Published : 2019-07-24 16:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-3622

Mitre link : CVE-2019-3622

CVE.ORG link : CVE-2019-3622


JSON object : View

Products Affected

mcafee

  • data_loss_prevention_endpoint

microsoft

  • windows
CWE
CWE-552

Files or Directories Accessible to External Parties