Lucene search

[email protected]CVE-2012-4582

HistoryAug 22, 2012 - 10:42 a.m.

CVE-2012-4582

2012-08-2210:42:04

CWE-264

[email protected]

web.nvd.nist.gov

mcafee

ews

meg

security vulnerability

cve-2012-4582

password reset

nvd

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.5%

JSON

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbitrary administrative accounts via unspecified vectors.

Affected configurations

NVD

Node

mcafeeemail_and_web_securityMatch5.0

mcafeeemail_and_web_securityMatch5.5

mcafeeemail_and_web_securityMatch5.6

mcafeeemail_gatewayMatch7.0

CPENameOperatorVersion
mcafee:email_and_web_securitymcafee email and web securityeq5.0
mcafee:email_and_web_securitymcafee email and web securityeq5.5
mcafee:email_and_web_securitymcafee email and web securityeq5.6
mcafee:email_gatewaymcafee email gatewayeq7.0

CPE	Name	Operator	Version
mcafee:email_and_web_security	mcafee email and web security	eq	5.0
mcafee:email_and_web_security	mcafee email and web security	eq	5.5
mcafee:email_and_web_security	mcafee email and web security	eq	5.6
mcafee:email_gateway	mcafee email gateway	eq	7.0

References

archives.neohapsis.com/archives/bugtraq/2012-03/0160.html

kc.mcafee.com/corporate/index?page=content&id=SB10020

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.5%

JSON

Related for CVE-2012-4582

cvelist1 prion1 nvd1