CVE-2009-2312

SmartFilter Web Gateway Security <4.2.1.00 - Privilege Escalation

Title source: llm
STIX 2.1

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49338
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34390
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

Scores

EPSS 0.0004
EPSS Percentile 13.6%

Details

CWE
CWE-310
Status published
Products (1)
mcafee/smartfilter 4.2.1.00
Published Jul 02, 2009
Tracked Since Feb 18, 2026