CVE-2018-6683
HIGHMcAfee Data Loss Prevention Endpoint < 10.0.505 - Local Policy Bypass via Local Policy File Editing
Title source: llmDescription
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10246
Scores
CVSS v3
7.4
EPSS
0.0004
EPSS Percentile
13.0%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (1)
mcafee/data_loss_prevention_endpoint
< 10.0.505
Published
Jul 23, 2018
Tracked Since
Feb 18, 2026