Lucene search
HistoryAug 22, 2012 - 10:42 a.m.
CVE-2012-4586
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
44.4%
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
Affected configurations
Node
mcafeeemail_and_web_securityMatch5.0
ORmcafeeemail_and_web_securityMatch5.5
ORmcafeeemail_and_web_securityMatch5.6
ORmcafeeemail_gatewayMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mcafee | email_and_web_security | 5.0 | cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:* |
| mcafee | email_and_web_security | 5.5 | cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:* |
| mcafee | email_and_web_security | 5.6 | cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:* |
| mcafee | email_gateway | 7.0 | cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-4586
2012-08-22 10:00:00
prion
prion
Design/Logic Flaw
2012-08-22 10:42:00
cve
cve
CVE-2012-4586
2012-08-22 10:42:04
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
44.4%
Related for NVD:CVE-2012-4586