LOW · CVE-2019-3591 · CVSS 3.9

DLP Endpoint ePO extension vulnerable to XSS


Platform

windows

Component

mcafee-data-loss-prevention-epo-extension

Fixed in

11.3.0

AI Confidence: high · NVD · EPSS 0.2% · Reviewed: May 2026

CVE-2019-3591 describes a cross-site scripting (XSS) vulnerability within the McAfee Data Loss Prevention (DLPe) ePO extension. This flaw allows an unauthenticated remote user to inject malicious JavaScript code into the ePO user interface. The vulnerability affects versions 11.0.0 through 11.3.0 of the extension and is mitigated by upgrading to version 11.3.0 or later.

Impact and Attack Scenarios

An attacker exploiting CVE-2019-3591 can execute arbitrary JavaScript in the context of the ePO user interface. This could lead to theft of sensitive information, such as user credentials or configuration data, and the attacker could also manipulate the ePO interface to display misleading information or perform unauthorized actions. The attack vector is a crafted upload that DLPe Web Protection initially blocks; the stored event then triggers XSS when a DLP administrator views it in the ePO UI. The underlying flaw is that content already classified as blocked is still rendered without proper output encoding in the event view.

Exploitation Context

CVE-2019-3591 was published on July 24, 2019. The CVSS score is LOW (3.9). There are no publicly known active campaigns targeting this vulnerability. No evidence of exploitation in the wild has been reported. The vulnerability is not listed on KEV or EPSS, indicating a low probability of exploitation.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: Low

EPSS

0.16% (37th percentile)

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N (3.9 LOW)
Attack Vector: Local (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: Low (level of authentication needed)
User Interaction: Required (whether the victim must take an action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: Low (risk of exposure of sensitive data)
Integrity: Low (risk of unauthorized data modification)
Availability: None (risk of service disruption)
CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Local: the attacker needs a local session or shell on the system.
Attack Complexity
Low: no special conditions; the attacker can exploit reliably.
Privileges Required
Low: any valid user account is sufficient.
User Interaction
Required: the victim must open a file, click a link, or visit a page.
Scope
Unchanged: impact is limited to the vulnerable component.
Confidentiality
Low: partial or indirect access to some data.
Integrity
Low: the attacker can modify some data with limited reach.
Availability
None: no impact on availability.

Affected Software

Component: mcafee-data-loss-prevention-epo-extension
Vendor: McAfee, LLC
Affected range: 11.x – 11.3.0
Fixed in: 11.3.0

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2019-3591 is to upgrade the McAfee Data Loss Prevention (DLPe) ePO extension to version 11.3.0 or later. If an immediate upgrade is not feasible, consider implementing stricter input validation and output encoding within the ePO extension to prevent the injection of malicious scripts. While a direct WAF rule is unlikely to be effective due to the nature of the XSS, reviewing and tightening DLPe Web Protection rules to more aggressively filter potentially malicious uploads is recommended. After upgrading, confirm the vulnerability is resolved by attempting a crafted upload and verifying that the JavaScript is not executed.
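The output-encoding control the mitigation paragraph refers to, shown as an added JavaScript example that is not McAfee's code: a blocked-upload event record is rendered into an admin table first with raw interpolation (the pattern behind a stored XSS of this kind) and then with every field escaped at the output boundary. The event field names and the sample record are assumed and constructed for the example.

```javascript
// Added example (not McAfee code): rendering a blocked-upload event for an admin view.
// Assumed event shape: { user, fileName, rule, action } are illustrative field names.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Output encoding: every character that can open a tag or attribute is replaced
// with its HTML entity, so attacker-controlled strings render as literal text.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: fields are interpolated straight into markup, so a file name
// containing a <script> tag becomes live script in the administrator's browser.
function renderEventUnsafe(ev) {
  return `<tr><td>${ev.user}</td><td>${ev.fileName}</td><td>${ev.rule}</td><td>${ev.action}</td></tr>`;
}

// Hardened pattern: identical layout, but every field passes through escapeHtml()
// at render time, regardless of what the upload path validated or blocked earlier.
function renderEventSafe(ev) {
  const cells = [ev.user, ev.fileName, ev.rule, ev.action]
    .map((field) => `<td>${escapeHtml(field)}</td>`)
    .join('');
  return `<tr>${cells}</tr>`;
}

// Defensive check for a test suite: flags any tag the template itself did not emit
// (anything other than <tr>, </tr>, <td>, </td>) or an inline event-handler attribute.
function containsForeignMarkup(html) {
  return /<(?!\/?(tr|td)>)[a-z!\/]/i.test(html) || /\son[a-z]+\s*=/i.test(html);
}

// Constructed sample event: the kind of record stored when Web Protection blocks an upload.
const sampleEvent = {
  user: 'jdoe',
  fileName: 'q3-report<script>alert(1)</script>.xlsx',
  rule: 'Block confidential uploads',
  action: 'Blocked',
};
```

The same check can be run over real event records exported from the ePO database to find fields that would need encoding before display.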

How to fix

Upgrade the McAfee Data Loss Prevention ePO extension to version 11.3.0 or later. This update fixes the XSS vulnerability that allows execution of unauthorized JavaScript in the ePO user interface.


Frequently Asked Questions

What is CVE-2019-3591 — XSS in McAfee Data Loss Prevention ePO?

CVE-2019-3591 is a cross-site scripting (XSS) vulnerability affecting McAfee Data Loss Prevention (DLPe) ePO extension versions 11.0.0–11.3.0. An attacker can inject JavaScript code via a crafted upload, potentially compromising DLP admin accounts.

Am I affected by CVE-2019-3591 in McAfee Data Loss Prevention ePO?

You are affected if you are using McAfee Data Loss Prevention (DLPe) ePO extension versions 11.0.0 through 11.3.0. Check your ePO version and upgrade if necessary.

How do I fix CVE-2019-3591 in McAfee Data Loss Prevention ePO?

Upgrade the McAfee Data Loss Prevention (DLPe) ePO extension to version 11.3.0 or later to resolve this XSS vulnerability. Consider stricter input validation as an interim measure.

Is CVE-2019-3591 being actively exploited?

There is no evidence of active exploitation of CVE-2019-3591 in the wild, and it is not listed on KEV or EPSS, suggesting a low exploitation probability.

Where can I find the official McAfee advisory for CVE-2019-3591?

Refer to the McAfee Security Bulletin for details: https://kc.mcafee.com/corporate/details/kb/137321
