CVE-2012-4592

Currently unrated

Key Information:

Vendor: Mcafee
Status: Enterprise Mobility Manager
Vendor: CVE Published:; 22 August 2012

Summary

The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/78220

vdb-entryx_refsource_XF

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012