CVE-2012-4583

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email And Web Security; Email Gateway
Vendor: CVE Published:; 22 August 2012

Summary

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.

References

http://archives.neohapsis.com/archives/bugtraq/2012-03/01...

mailing-listx_refsource_BUGTRAQ

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012