VYPR
Medium severity6.5NVD Advisory· Published Aug 30, 2022· Updated Jun 17, 2026

CVE-2022-2330

CVE-2022-2330

Description

Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.