Password Reset Vulnerability in McAfee Email and Web Security and McAfee Email Gateway
CVE-2012-4582

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email And Web Security; Email Gateway
Vendor: CVE Published:; 22 August 2012

What is CVE-2012-4582?

McAfee Email and Web Security and McAfee Email Gateway are susceptible to a vulnerability that allows remote authenticated users to reset the passwords of arbitrary administrative accounts, potentially leading to unauthorized access. This issue arises from unspecified vectors that bypass security controls. Affected versions include McAfee Email and Web Security 5.x before Patch 6, 5.6 before Patch 3, and McAfee Email Gateway 7.0 before Patch 1. Users of these products should apply the latest patches to mitigate the risk.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://archives.neohapsis.com/archives/bugtraq/2012-03/01...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012

Mcafee

What is CVE-2012-4582?

References

Timeline