McAfee Web Gateway - Authentication Bypass vulnerability
CVE-2018-6667

10CRITICAL

Key Information:

Vendor: Mcafee
Status: Web Gateway
Vendor: CVE Published:; 26 June 2018

What is CVE-2018-6667?

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).

Affected Version(s)

Web Gateway x86 7.8.1.0

Web Gateway x86 <= 7.8.1.5

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1041129

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/104564

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2018
Vulnerability Reserved
Feb 6, 2018

Mcafee

What is CVE-2018-6667?

Affected Version(s)

References

CVSS V3.1

Timeline