Lucene search

[email protected]CVE-2013-7104

HistoryDec 14, 2013 - 5:21 p.m.

CVE-2013-7104

2013-12-1417:21:00

CWE-78

[email protected]

web.nvd.nist.gov

mcafee

email gateway

cve-2013-7104

nvd

security

remote attack

7.4 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.1%

JSON

McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands by specifying them in the value attribute in a (1) Command or (2) Script XML element. NOTE: this issue can be combined with CVE-2013-7092 to allow remote attackers to execute commands.

CPENameOperatorVersion
mcafee:email_gatewaymcafee email gatewayeq7.6

CPE	Name	Operator	Version
mcafee:email_gateway	mcafee email gateway	eq	7.6

References

osvdb.org/100581

packetstormsecurity.com/files/124277/McAfee-Email-Gateway-7.6-Command-Execution-SQL-Injection.html

seclists.org/fulldisclosure/2013/Dec/18

www.securityfocus.com/bid/64150

exchange.xforce.ibmcloud.com/vulnerabilities/90163

7.4 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for CVE-2013-7104

prion3 cvelist3 nessus1 openvas1 seebug2 cve2