Enterprise Mobility Manager@4.7 Security Vulnerabilities and Issues — Enterprise Mobility Manager@4.7 CVE List

Lucene search

McafeeEnterprise Mobility Manager4.7

4 matches found

CVE•added 2012/08/22 10:42 a.m.•41 views

CVE-2012-4591

About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially sensitive information by visiting this page.

5CVSS6.4AI score0.0025EPSS

CVE•added 2012/08/22 10:42 a.m.•41 views

CVE-2012-4592

The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

5CVSS6.7AI score0.0025EPSS

CVE•added 2012/08/22 10:42 a.m.•38 views

CVE-2012-4589

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

2.1CVSS6.8AI score0.00117EPSS

CVE•added 2012/08/22 10:42 a.m.•34 views

CVE-2012-4590

Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.

4.3CVSS5.9AI score0.00263EPSS