Unrated severityNVD Advisory· Published Nov 1, 2021· Updated Aug 3, 2024
Data Loss Prevention (DLP) ePO extension - SQL injection
CVE-2021-31849
Description
SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.
Affected products
2<11.7.100+ 1 more
- (no CPE)range: <11.7.100
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.