CVE-2014-6064: Infoleak
First published: Tue Sep 02 2014(Updated: )
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Web Gateway | >=7.3.0<7.3.2.9 | |
| McAfee Web Gateway | >=7.4.0<7.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-6064?
CVE-2014-6064 has been rated as a medium severity vulnerability due to its potential to expose hashed user passwords.
How do I fix CVE-2014-6064?
To mitigate CVE-2014-6064, upgrade McAfee Web Gateway to version 7.4.2 or later.
Who is affected by CVE-2014-6064?
CVE-2014-6064 affects users of McAfee Web Gateway versions prior to 7.3.2.9 and 7.4.x prior to 7.4.2.
What type of vulnerability is CVE-2014-6064?
CVE-2014-6064 is a security vulnerability that allows remote authenticated users to access hashed passwords.
When was CVE-2014-6064 published?
CVE-2014-6064 was published in October 2014.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/mcafee
- canonical/mcafee web gateway
- version/mcafee web gateway/7.3.0
- version/mcafee web gateway/7.4.0