1. CVE-Search
  2. CVE-2019-3621
ID CVE-2019-3621
Summary Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine.
References
Vulnerable Configurations
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix130:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix130:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix150:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix150:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.0:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.200:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.200:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.300:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.300:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.400:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.400:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.500:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.500:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.600:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.600:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.700:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.0.700:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.1.100:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.1.100:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.000:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.000:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.0.142:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:data_loss_prevention_endpoint:11.2.0.142:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 109370
confirm https://kc.mcafee.com/corporate/index?page=content&id=SB10290
Last major update 24-08-2020 - 17:37
Published 25-07-2019 - 17:15
Last modified 24-08-2020 - 17:37
Back to Top