CVE-2018-6683

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:00

Type Values Removed Values Added
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10246 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10246 -

Information

Published : 2018-07-23 15:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-6683

Mitre link : CVE-2018-6683

CVE.ORG link : CVE-2018-6683


JSON object : View

Products Affected

mcafee

  • data_loss_prevention_endpoint

microsoft

  • windows
CWE
CWE-276

Incorrect Default Permissions