Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2018-6689 |
CWE-ID | CWE-592 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software | McAfee Data Loss Prevention Endpoint (Server applications / DLP, anti-spam, sniffers) |
Vendor | McAfee |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU15365
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-6689
CWE-ID: CWE-592 - Authentication Bypass Issues
Exploit availability: No
Description
The vulnerability allows a physical attacker to bypass authentication on the target system.
The weakness exists due to an unspecified flaw. If the DLP Endpoint administrator has made certain DLP Endpoint configurations (including hyperlinks in user notification dialogs), a physical attacker can access a user's session on a locked Windows machine and bypass authentication to perform specific actions on the protected machine.
The vulnerability has been fixed in versions 10.0.510 and 11.0.600.
Vulnerable software versions
McAfee Data Loss Prevention Endpoint: 10.0.0 - 11.0.500
External links
http://kc.mcafee.com/corporate/index?page=content&id=SB10252
Q & A
Can this vulnerability be exploited remotely?
No. The attacker must have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.