Security Advisory

CVE-2021-4088

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-24 16:00:14

Last updated 2024-08-03 17:16:03

Assigner trellix

State PUBLISHED

Description

SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation.

← Browse all CVEs View on cve.org ↗