McAfee Web Gateway denial of service attack due to Improper Input Validation

CVE-2019-3581

7.5HIGH

Key Information

Vendor: Mcafee
Status: Mcafee Web Gateway
Vendor: CVE Published:; 9 January 2019

Summary

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter.

Affected Version(s)

McAfee Web Gateway x86 7.8.2 < 7.8.2*

McAfee Web Gateway x86 7.8.2.5

McAfee Web Gateway x86 8.0 < 8.0*

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2019
Vulnerability Reserved
Jan 3, 2019

Collectors

NVD DatabaseMitre Database