Vulnerability Details : CVE-2021-31845
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Vulnerability category: OverflowExecute code
Products affected by CVE-2021-31845
- cpe:2.3:a:mcafee:data_loss_prevention_discover:*:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:data_loss_prevention_discover:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-31845
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 34 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-31845
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST | |
7.3
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
1.3
|
5.9
|
NIST | |
8.4
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
1.7
|
6.0
|
McAfee (DEFUNCT) | |
8.4
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
1.7
|
6.0
|
Trellix |
CWE ids for CVE-2021-31845
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by:
- nvd@nist.gov (Primary)
- psirt@mcafee.com (Primary)
- trellixpsirt@trellix.com (Secondary)
References for CVE-2021-31845
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10368
Security Bulletin - Data Loss Prevention (DLP) Endpoint Windows and DLP Discover updates fix two vulnerabilities (CVE-2021-31844, CVE-2021-31845)Broken Link
Jump to