Lucene search

[email protected]CVE-2010-2116

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-2116

2022-10-0316:21:08

CWE-732

[email protected]

web.nvd.nist.gov

mcafee

email gateway

ironmail

cve-2010-2116

remote access

authenticated users

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.

Affected configurations

NVD

Node

mcafeeemail_gatewayMatch6.7.1

mcafeesecure_mailMatch6.7.1

CPENameOperatorVersion
mcafee:email_gatewaymcafee email gatewayeq6.7.1
mcafee:secure_mailmcafee secure maileq6.7.1

CPE	Name	Operator	Version
mcafee:email_gateway	mcafee email gateway	eq	6.7.1
mcafee:secure_mail	mcafee secure mail	eq	6.7.1

References

osvdb.org/64832

secunia.com/advisories/39881

www.cybsec.com/vuln/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken.pdf

www.securitytracker.com/id?1024018

www.vupen.com/english/advisories/2010/1239

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for CVE-2010-2116

nvd1 prion1 cvelist1