Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee data_loss_prevention_endpoint |