Local Information Disclosure in McAfee Network Data Loss Prevention
CVE-2014-8528

Currently unrated

Key Information:

Vendor: Mcafee
Status: Network Data Loss Prevention
Vendor: CVE Published:; 29 October 2014

Summary

McAfee Network Data Loss Prevention (NDLP) versions before 9.3 contain a vulnerability where session IDs are logged without proper restrictions. This logging allows local users to access the audit log and potentially obtain sensitive session information. Addressing this security issue is critical to maintaining data confidentiality and preventing unauthorized access.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 29, 2014