Vulnerability Description
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trellix | Data Loss Prevention | >= 11.9.0, < 11.10.0 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://kcm.trellix.com/corporate/index?page=content&id=SB10394&locale=en_USMitigationVendor Advisory
- https://kcm.trellix.com/corporate/index?page=content&id=SB10394&locale=en_USMitigationVendor Advisory
FAQ
What is CVE-2023-0400?
CVE-2023-0400 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into ...
How severe is CVE-2023-0400?
CVE-2023-0400 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-0400?
Check the references section above for vendor advisories and patch information. Affected products include: Trellix Data Loss Prevention, Microsoft Windows.