Lucene search
MitreCVE-2012-4584HistoryAug 22, 2012 - 10:42 a.m.
CVE-2012-4584
2012-08-2210:42:04
CWE-310
mitre
web.nvd.nist.gov
24
cve-2012-4584
mcafee
email gateway
email and web security
ews
meg
encryption
information security
vulnerability
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
38.1%
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as demonstrated by obtaining password hashes.
Affected configurations
Node
mcafeeemail_and_web_securityMatch5.0
ORmcafeeemail_and_web_securityMatch5.5
ORmcafeeemail_and_web_securityMatch5.6
ORmcafeeemail_gatewayMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mcafee | email_and_web_security | 5.0 | cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:* |
| mcafee | email_and_web_security | 5.5 | cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:* |
| mcafee | email_and_web_security | 5.6 | cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:* |
| mcafee | email_gateway | 7.0 | cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2012-08-22 10:42:00
cvelist
cvelist
CVE-2012-4584
2012-08-22 10:00:00
nvd
nvd
CVE-2012-4584
2012-08-22 10:42:04
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
38.1%
Related for CVE-2012-4584