CVE-2012-4583: Infoleak
First published: Wed Aug 22 2012(Updated: )
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Email and Web Security | =5.0 | |
| McAfee Email and Web Security | =5.5 | |
| McAfee Email and Web Security | =5.6 | |
| McAfee Email Gateway | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mcafee
- canonical/mcafee email and web security
- version/mcafee email and web security/5.0
- version/mcafee email and web security/5.5
- version/mcafee email and web security/5.6
- canonical/mcafee email gateway
- version/mcafee email gateway/7.0