Описание
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:intel:expressway_cloud_access_360:2.1:*:*:*:*:*:*:*
cpe:2.3:a:intel:expressway_cloud_access_360:2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:cloud_identity_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:cloud_identity_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:cloud_identity_manager:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:cloud_single_sign_on:4.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.0089
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
EPSS
Процентиль: 75%
0.0089
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-22