CVE-2022-2188

MEDIUM

DXL Broker <6.0.0.280 - Privilege Escalation

Title source: llm

Description

Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.

References (1)

[Vendor Advisory] https://kcm.trellix.com/corporate/index?page=content&id=SB10383

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 28.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Classification

CWE

CWE-732

Status published

Affected Products (1)

mcafee/data_exchange_layer < 6.0.0.280

Timeline

Published Nov 07, 2022

Tracked Since Feb 18, 2026