First published: Tue Sep 15 2020(Updated: )
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
McAfee Web Gateway | >=7.8.0<7.8.2.23 | |
McAfee Web Gateway | >=8.2.0<8.2.11 | |
McAfee Web Gateway | >=9.0.0<9.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-7296.
The title of this vulnerability is 'Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.'
The severity of CVE-2020-7296 is medium, with a severity value of 5.7.
The versions of McAfee Web Gateway prior to 9.2.1 are affected by CVE-2020-7296.
An authenticated user can exploit CVE-2020-7296 by accessing protected configuration files via improper access control in the user interface of McAfee Web Gateway.