Data Exposure in McAfee Email Security Products
CVE-2012-4584

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email And Web Security; Email Gateway
Vendor: CVE Published:; 22 August 2012

Summary

An encryption flaw exists in McAfee Email and Web Security and Email Gateway products, allowing unauthorized access to sensitive data contained in system backup files. Remote authenticated users could exploit this weakness to retrieve sensitive information, such as password hashes, by accessing inadequately protected backup files. This vulnerability necessitates prompt updating of affected product versions to mitigate security risks associated with data exposure.

References

http://archives.neohapsis.com/archives/bugtraq/2012-03/01...

mailing-listx_refsource_BUGTRAQ

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012