Cross-Site Request Forgery Vulnerability in McAfee Data Loss Prevention Endpoint
CVE-2015-2759

Currently unrated

Key Information:

Vendor: Mcafee
Status: Data Loss Prevention Endpoint
Vendor: CVE Published:; 27 March 2015

Summary

The ePO extension of McAfee's Data Loss Prevention Endpoint is susceptible to multiple cross-site request forgery vulnerabilities. These vulnerabilities can be exploited by remote attackers to hijack user authentication, enabling them to make unauthorized requests. Such actions could lead to the exposure of sensitive information or unintended modifications to the database through various unknown vectors, compromising the integrity and confidentiality of user data.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/73403

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 27, 2015
Vulnerability Reserved
Mar 27, 2015