- Data Loss Prevention (DLP) for Windows - Exploiting Incorrectly Configured Access Control Security Levels vulnerability
CVE-2018-6683

7.2HIGH

Key Information:

Vendor

Mcafee
Status
Data Loss Prevention (dlp) For Windows
Vendor
CVE Published:
23 July 2018

What is CVE-2018-6683?

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.

Affected Version(s)

Data Loss Prevention (DLP) for Windows 10.x < 10.0.505

Data Loss Prevention (DLP) for Windows 11.x < 11.0.405

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.