Web Interface Vulnerability in McAfee Email Gateway by McAfee
CVE-2010-2116

Currently unrated

Key Information:

Vendor: Mcafee
Status: Secure Mail; Email Gateway
Vendor: CVE Published:; 28 May 2010

Summary

The web interface of McAfee Email Gateway version 6.7.1 contains a vulnerability that allows remote authenticated users, who possess only Read privileges, to exploit the 'save' action via a direct request to 'admin/systemWebAdminConfig.do'. This flaw enables these users to gain Write privileges and make unauthorized modifications to the system's configuration, potentially compromising the integrity and security of the environment.

References

http://secunia.com/advisories/39881

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1024018

vdb-entryx_refsource_SECTRACK

http://osvdb.org/64832

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 28, 2010