XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trellix
Published: 2021-09-17T13:35:12
Updated: 2021-09-17T13:35:12
Reserved: 2021-04-27T00:00:00
Link: CVE-2021-31842
JSON object: View
NVD Information
Status : Modified
Published: 2021-09-17T14:15:08.097
Modified: 2023-11-07T03:35:05.880
Link: CVE-2021-31842
JSON object: View
Redhat Information
No data.
CWE