CVE-2021-31849

November 3, 2021

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.

Summary:

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.

Reference Links(if available):

  • https://kc.mcafee.com/corporate/index?page=content&id=SB10371

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    2ca7d16d584b17da4115e413eb3205853f95dc1a60caf39f3671d89a59269145

    Ai Layoffs To Backfire: Half Quietly Rehired At Lower Pay

    October 31, 2025
    image

    [BLACKSHRANTAC] – Ransomware Victim: The Matlusky Firm LLC

    October 31, 2025
    image

    [QILIN] – Ransomware Victim: bagnoles[.]nl

    October 31, 2025
    image

    [BLACKSHRANTAC] – Ransomware Victim: ApleNet Co[.], Ltd

    October 31, 2025
    image

    [QILIN] – Ransomware Victim: Disseny Dental

    October 31, 2025