McAfee Web Gateway (MWG) - Configuration/Environment manipulation vulnerability
CVE-2018-6678

3.4LOW

Key Information:

Vendor: Mcafee
Status: Mcafee Web Gateway (mwg)
Vendor: CVE Published:; 23 July 2018

What is CVE-2018-6678?

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.

Affected Version(s)

McAfee Web Gateway (MWG) x86 7.8.1 < 7.8.1*

McAfee Web Gateway (MWG) x86 7.8.2 < 7.8.2*

References

http://www.securityfocus.com/bid/104893

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.4

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2018
Vulnerability Reserved
Feb 6, 2018

Mcafee

What is CVE-2018-6678?

Affected Version(s)

References

CVSS V3.1

Timeline