| |
Vulnerability CVE-2020-7302
Published: 2020-08-13
| Description: |
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking. |
Type:
CWE-434 (Unrestricted Upload of File with Dangerous Type)
CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5.5/10 |
4.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
Partial |
References: |
https://kc.mcafee.com/corporate/index?page=content&id=SB10326
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
