Information Disclosure Vulnerability in McAfee Enterprise Mobility Manager
CVE-2012-4591

Currently unrated

Key Information:

Vendor: Mcafee
Status: Enterprise Mobility Manager
Vendor: CVE Published:; 22 August 2012

Summary

The About.aspx page in McAfee's Enterprise Mobility Manager (EMM) versions prior to 10.0 has a security flaw that exposes the names of user accounts associated with the IIS worker process. This vulnerability can be exploited by remote attackers, allowing them to retrieve potentially sensitive account information simply by accessing the affected page. Organizations using these vulnerable versions of EMM are urged to update their software to mitigate risks associated with this disclosure.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/78221

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012