Lucene search

[email protected]CVE-2012-4585

HistoryAug 22, 2012 - 10:42 a.m.

CVE-2012-4585

2012-08-2210:42:04

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-4585

mcafee

email and web security

ews

mcafee email gateway

meg

remote authentication

file reading

security vulnerability

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.4%

JSON

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to read arbitrary files via a crafted URL.

Affected configurations

NVD

Node

mcafeeemail_and_web_securityMatch5.0

mcafeeemail_and_web_securityMatch5.5

mcafeeemail_and_web_securityMatch5.6

mcafeeemail_gatewayMatch7.0

CPENameOperatorVersion
mcafee:email_and_web_securitymcafee email and web securityeq5.0
mcafee:email_and_web_securitymcafee email and web securityeq5.5
mcafee:email_and_web_securitymcafee email and web securityeq5.6
mcafee:email_gatewaymcafee email gatewayeq7.0

CPE	Name	Operator	Version
mcafee:email_and_web_security	mcafee email and web security	eq	5.0
mcafee:email_and_web_security	mcafee email and web security	eq	5.5
mcafee:email_and_web_security	mcafee email and web security	eq	5.6
mcafee:email_gateway	mcafee email gateway	eq	7.0

References

archives.neohapsis.com/archives/bugtraq/2012-03/0163.html

kc.mcafee.com/corporate/index?page=content&id=SB10020

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.4%

JSON

Related for CVE-2012-4585

prion1 nvd1 cvelist1