Lucene search

Web Gateway Security Vulnerabilities - 2020

cve

CVE-2020-7292

Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.

4.3CVSS

4.6AI Score

0.001EPSS

2020-07-15 03:15 PM

cve

CVE-2020-7293

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.

9CVSS

8.9AI Score

0.0004EPSS

2020-09-15 11:15 PM

cve

CVE-2020-7294

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.

4.6CVSS

4.7AI Score

0.0004EPSS

2020-09-15 11:15 PM

cve

CVE-2020-7295

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.

4.6CVSS

4.7AI Score

0.0004EPSS

2020-09-15 11:15 PM

cve

CVE-2020-7296

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.

5.7CVSS

5.5AI Score

0.0004EPSS

2020-09-15 11:15 PM

cve

CVE-2020-7297

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface.

5.7CVSS

5.5AI Score

0.0004EPSS

2020-09-16 12:15 AM