Lucene search

[email protected]CVE-2012-4599

HistoryAug 22, 2012 - 10:42 a.m.

CVE-2012-4599

2012-08-2210:42:05

CWE-287

[email protected]

web.nvd.nist.gov

mcafee

smartfilter

administration

authentication

jboss

rmi

remote code execution

security vulnerability

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.6%

JSON

McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file.

Affected configurations

NVD

Node

mcafeesmartfilter_administrationRange≤4.2.1

mcafeesmartfilter_administrationRange≤4.2.1bess

CPENameOperatorVersion
mcafee:smartfilter_administrationmcafee smartfilter administrationle4.2.1

CPE	Name	Operator	Version
mcafee:smartfilter_administration	mcafee smartfilter administration	le	4.2.1

References

kc.mcafee.com/corporate/index?page=content&id=SB10029

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for CVE-2012-4599

nessus1 nvd1 prion1 cvelist1