CVE-2021-31832: 
McAfee DLP Endpoint Agent vulnerability analysis and mitigation

CVE-2021-31832 is a vulnerability affecting McAfee Data Loss Prevention (DLP) Endpoint for Windows versions prior to 11.6.200. The vulnerability was discovered and disclosed in 2021, with the initial analysis being completed on June 22, 2021. It involves an improper neutralization of input in the ePO administrator extension (NVD, CVE).

The vulnerability is classified as CWE-79 (Cross-site Scripting) and received a CVSS v3.1 base score of 4.8 (Medium) from NIST with a vector of CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N. Trellix assigned a slightly higher CVSS score of 5.2 (Medium) with a vector of CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N (NVD).

The vulnerability allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This injected JavaScript will be executed when an end user triggers a DLP policy on their machine (CVE).

The vulnerability has been addressed in McAfee Data Loss Prevention (DLP) Endpoint for Windows version 11.6.200 and later. Users are advised to upgrade to this version or newer to mitigate the vulnerability (NVD).