Lucene search

[email protected]NVD:CVE-2009-2312

HistoryJul 02, 2009 - 10:30 a.m.

CVE-2009-2312

2009-07-0210:30:00

CWE-310

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

Affected configurations

Nvd

Node

mcafeesmartfilterMatch4.2.1.00

VendorProductVersionCPE
mcafeesmartfilter4.2.1.00cpe:2.3:a:mcafee:smartfilter:4.2.1.00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mcafee	smartfilter	4.2.1.00	cpe:2.3:a:mcafee:smartfilter:4.2.1.00:::::::*

References

archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

secunia.com/advisories/34390

exchange.xforce.ibmcloud.com/vulnerabilities/49338

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2009-2312

prion1 cve1 cvelist1 seebug1