McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10020 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2012-08-22 10:42
Updated : 2024-02-28 12:00
NVD link : CVE-2012-4586
Mitre link : CVE-2012-4586
CVE.ORG link : CVE-2012-4586
JSON object : View
Products Affected
mcafee
- email_gateway
- email_and_web_security
CWE
CWE-264
Permissions, Privileges, and Access Controls