McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10020 | Vendor Advisory |
https://kc.mcafee.com/corporate/index?page=content&id=SB10020 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10020 - Vendor Advisory |
Information
Published : 2012-08-22 10:42
Updated : 2024-11-21 01:43
NVD link : CVE-2012-4586
Mitre link : CVE-2012-4586
CVE.ORG link : CVE-2012-4586
JSON object : View
Products Affected
mcafee
- email_and_web_security
- email_gateway
CWE
CWE-264
Permissions, Privileges, and Access Controls