CVE-2021-31842 - CERT CVE
ID CVE-2021-31842
Sažetak XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.
Reference
CVSS
Base: 2.1
Impact: 2.9
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:L/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje 07-11-2023 - 03:35
Objavljeno 17-09-2021 - 14:15