CVE-2021-31849

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.
References
Configurations

Configuration 1

cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*

Information

Published : 2021-11-01 08:15

Updated : 2021-11-03 02:58


NVD link : CVE-2021-31849

Mitre link : CVE-2021-31849

CWE