PT-2012-5492 · Mcafee · Mcafee Email/Web Security+1

Publicado

2012-08-22

·

Atualizado

2012-10-30

·

CVE-2012-4584

CVSS v2.0

3.5

Baixa

VetorAV:N/AC:M/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions McAfee Email and Web Security (EWS) versions 5.x through 5.5 before Patch 6 McAfee Email and Web Security (EWS) version 5.6 before Patch 3 McAfee Email Gateway (MEG) version 7.0 before Patch 1
Description The issue allows remote authenticated users to obtain sensitive information by reading a backup file. This is because the system-backup data is not properly encrypted, making it easier for attackers to access sensitive information, such as password hashes.
Recommendations For McAfee Email and Web Security (EWS) versions 5.x through 5.5, apply Patch 6 to resolve the issue. For McAfee Email and Web Security (EWS) version 5.6, apply Patch 3 to resolve the issue. For McAfee Email Gateway (MEG) version 7.0, apply Patch 1 to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310

Identificadores relacionados

CVE-2012-4584

Produtos afetados

Mcafee Email Gateway
Mcafee Email/Web Security