CVE-2012-4591: Infoleak
First published: Wed Aug 22 2012(Updated: )
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially sensitive information by visiting this page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Enterprise Mobility Manager | <=9.6 | |
| McAfee Enterprise Mobility Manager | =4.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4591?
CVE-2012-4591 is considered to have a moderate severity level due to the potential for sensitive information disclosure.
How do I fix CVE-2012-4591?
To mitigate CVE-2012-4591, upgrade to McAfee Enterprise Mobility Manager version 10.0 or later.
What type of information does CVE-2012-4591 expose?
CVE-2012-4591 exposes the name of the user account for an IIS worker process, potentially leading to information disclosure.
Which versions of McAfee Enterprise Mobility Manager are affected by CVE-2012-4591?
CVE-2012-4591 affects McAfee Enterprise Mobility Manager versions prior to 10.0, specifically 4.7 and up to 9.6.
Can CVE-2012-4591 be exploited remotely?
Yes, CVE-2012-4591 can be exploited remotely by attackers visiting the vulnerable About.aspx page.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/mcafee
- canonical/mcafee enterprise mobility manager
- version/mcafee enterprise mobility manager/9.6
- version/mcafee enterprise mobility manager/4.7