CVE-2012-4586

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-22 10:42

Updated : 2024-02-28 12:00


NVD link : CVE-2012-4586

Mitre link : CVE-2012-4586

CVE.ORG link : CVE-2012-4586


JSON object : View

Products Affected

mcafee

  • email_gateway
  • email_and_web_security
CWE
CWE-264

Permissions, Privileges, and Access Controls