Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10326 - | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.6 |
07 Nov 2023, 03:25
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10326 - |
Information
Published : 2020-08-12 22:15
Updated : 2024-11-21 05:37
NVD link : CVE-2020-7300
Mitre link : CVE-2020-7300
CVE.ORG link : CVE-2020-7300
JSON object : View
Products Affected
mcafee
- data_loss_prevention
CWE
CWE-863
Incorrect Authorization