VYPR
Unrated severityNVD Advisory· Published Nov 1, 2021· Updated Aug 3, 2024

Data Loss Prevention (DLP) ePO extension - SQL injection

CVE-2021-31849

Description

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.