Data Loss Prevention Vulnerability in McAfee NDLP
CVE-2014-8524

Currently unrated

Key Information:

Vendor: Mcafee
Status: Network Data Loss Prevention
Vendor: CVE Published:; 29 October 2014

Summary

McAfee Network Data Loss Prevention (NDLP) prior to version 9.3 fails to properly manage the autocomplete settings for password and sensitive fields. This oversight permits remote attackers to potentially capture sensitive information through various unspecified methods. Organizations utilizing this software should take immediate action to mitigate risks associated with unprotected autocomplete functionalities.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 29, 2014