Описание
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
Ссылки
- Broken Link
- Vendor Advisory
- Exploit
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Exploit
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mcafee:email_gateway:6.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:secure_mail:6.7.1:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00546
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
EPSS
Процентиль: 67%
0.00546
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-732