Description
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10098
Scores
EPSS
0.0031
EPSS Percentile
54.3%
Details
CWE
CWE-89
Status
published
Products (1)
mcafee/data_loss_prevention_endpoint
< 9.3.300
Published
Feb 17, 2015
Tracked Since
Feb 18, 2026