CVE-2015-2759

Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors.

Published: Mar 27, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-2759
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
mcafee / data_loss_prevention_endpoint	-	9.3.400.x

http://www.securityfocus.com/bid/73403
https://kc.mcafee.com/corporate/index?page=content&id=SB10111

Vulnerability Database

289,782

CVE-2015-2759