Vulnerability in Mcafee Data_exchange_layer
CVE-2022-2188
Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the…
EPSS: 0.001 (4.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H.
Affected products
Weakness classification (CWE)
References
- trellixpsirt@trellix.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-2188?
- CVE-2022-2188 is a medium-severity vulnerability in Mcafee Data_exchange_layer, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 6.5/10. Published 2022-11-07.
- How severe is CVE-2022-2188?
- Medium severity. CVSS v3 base score is 6.5 out of 10.