CPE-6C736628-D420-4BF8-9F5E-D2698577EB84 Detail

CPE Details

McAfee Data Exchange Layer 5.0.0

Vendor

mcafee

Product

data_exchange_layer

Version

5.0.0

Created

2019-04-11
17h44 +00:00

Modified

2021-05-18
13h07 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:mcafee:data_exchange_layer:5.0.0:::::::*

Informations

Vendor

mcafee

Product

data_exchange_layer

Version

5.0.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-2188	2022-11-07 11h26 +00:00	Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.	6.5	Medium
CVE-2020-7252	2020-02-17 05h35 +00:00	Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.	5.5	Medium
CVE-2019-3612	2019-04-10 18h10 +00:00	Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.	4.4	Medium
CVE-2019-1559	2019-02-27 23h00 +00:00	If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).	5.9	Medium

McAfee Data Exchange Layer 5.0.0

CPE Details

CPE Name: cpe:2.3:a:mcafee:data_exchange_layer:5.0.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:mcafee:data_exchange_layer:5.0.0:::::::*