CVE-2012-4595

EPSS 0.35%
Published 22.08.2012 10:42:05
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin session ID via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Mcafee ≫ Email And Web Security Version5.5

Mcafee ≫ Email And Web Security Version5.6

Mcafee ≫ Email Gateway Version7.0.0

Mcafee ≫ Email Gateway Version7.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.35%	0.544

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securitytracker.com/id?1027444

https://exchange.xforce.ibmcloud.com/vulnerabilities/77977

https://kc.mcafee.com/corporate/index?page=content&id=SB10026

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-4595

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4595

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4595

EUVD