CVE-2012-4588

Name of the Vulnerable Software and Affected Versions McAfee Enterprise Mobility Manager (EMM) Agent versions prior to 4.8 McAfee Enterprise Mobility Manager (EMM) Server versions prior to 10.1

Description The issue allows remote attackers to cause a denial of service by making a long sequence of login attempts with different usernames, resulting in an excessive list size in the EMM Database. This occurs because the system records all invalid usernames from failed login attempts and places them on a list of accounts that an administrator may wish to unlock.

Recommendations For McAfee Enterprise Mobility Manager (EMM) Agent versions prior to 4.8, update to version 4.8 or later to resolve the issue. For McAfee Enterprise Mobility Manager (EMM) Server versions prior to 10.1, update to version 10.1 or later to resolve the issue.