Mcafee Network Data Loss Prevention — known CVE vulnerabilities
Every CVE whose affected-product data names Mcafee Network Data Loss Prevention, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2017-4014 — CVSS 8.0 (high): Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to…
CVE-2014-8530 — CVSS 7.5 (high): Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information…
CVE-2014-8522 — CVSS 7.5 (high): The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote…
CVE-2017-3968 — CVSS 7.5 (high): Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss…
CVE-2017-3935 — CVSS 7.5 (high): Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing…
CVE-2014-8533 — CVSS 7.5 (high): McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to execute arbitrary code via vectors related to ICMP…
CVE-2014-8523 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack…
CVE-2014-8531 — CVSS 6.5 (medium): The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote…
CVE-2017-4012 — CVSS 6.5 (medium): Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to…
CVE-2017-4011 — CVSS 6.1 (medium): Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote…
CVE-2017-3934 — CVSS 5.9 (medium): Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x…
CVE-2017-3933 — CVSS 5.4 (medium): Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users…
CVE-2017-4017 — CVSS 5.3 (medium): User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via…
CVE-2017-4013 — CVSS 5.3 (medium): Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information…
CVE-2017-4016 — CVSS 5.3 (medium): Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find…
CVE-2014-8524 — CVSS 5.0 (medium): McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which…
CVE-2014-8525 — CVSS 5.0 (medium): McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie…
CVE-2004-0230 — CVSS 5.0 (medium): TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service…
CVE-2014-8520 — CVSS 5.0 (medium): McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open…
CVE-2014-8535 — CVSS 4.6 (medium): McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via…
CVE-2017-4015 — CVSS 4.5 (medium): Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject…
CVE-2014-8532 — CVSS 3.6 (low): Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive…
CVE-2014-8527 — CVSS 3.6 (low): McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors…
CVE-2014-8521 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to…
CVE-2014-8537 — CVSS 2.1 (low): McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs.
CVE-2014-8536 — CVSS 2.1 (low): McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error…
CVE-2014-8519 — CVSS 2.1 (low): Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown…
CVE-2014-8534 — CVSS 2.1 (low): Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial…
CVE-2014-8529 — CVSS 2.1 (low): McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive…
CVE-2014-8526 — CVSS 2.1 (low): McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace.
CVE-2014-8528 — CVSS 2.1 (low): McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading…