Improper Access Control in McAfee Email and Web Security and Gateway
CVE-2012-4586

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email And Web Security; Email Gateway
Vendor: CVE Published:; 22 August 2012

Summary

An improper access control vulnerability exists in McAfee Email and Web Security versions prior to 5.5 Patch 6 and 5.6 before Patch 3, as well as in McAfee Email Gateway 7.0 before Patch 1. This issue allows remote authenticated users to access files with root user privileges, potentially bypassing intended permission settings. Exploiting this vulnerability can lead to unauthorized access to sensitive files, posing a significant risk to the confidentiality and integrity of the affected systems.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 22, 2012