First published: Thu Aug 13 2020(Updated: )
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials.
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mcafee Data Loss Prevention | >=11.3.0<11.3.28 | |
Mcafee Data Loss Prevention | >=11.4.0<11.4.200 | |
Mcafee Data Loss Prevention | >=11.5.0<11.5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-7305 is a privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3.
CVE-2020-7305 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3.
The severity of CVE-2020-7305 is rated as medium, with a severity value of 6.5.
Versions of McAfee Data Loss Prevention prior to 11.5.3 are affected by CVE-2020-7305.
To fix CVE-2020-7305, it is recommended to update McAfee Data Loss Prevention to version 11.5.3 or later.