- Data Loss Prevention (DLP) for Windows - Exploiting Incorrectly Configured Access Control Security Levels vulnerability
CVE-2018-6683

7.2HIGH

Key Information:

Vendor: Mcafee
Status: Data Loss Prevention (dlp) For Windows
Vendor: CVE Published:; 23 July 2018

Summary

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.

Affected Version(s)

Data Loss Prevention (DLP) for Windows 10.x < 10.0.505

Data Loss Prevention (DLP) for Windows 11.x < 11.0.405

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 23, 2018
Vulnerability Reserved
Feb 6, 2018