CVE-2009-2429

SmartFilter Web Gateway Security <4.2.1.00 - Privilege Escalation

Title source: llm
STIX 2.1

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in admin_backup.xml files and uses insecure permissions for these files, which allows local users to gain privileges. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49338
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34390

Scores

EPSS 0.0004
EPSS Percentile 13.6%

Details

CWE
CWE-255
Status published
Products (1)
mcafee/smartfilter 4.2.1.00
Published Jul 10, 2009
Tracked Since Feb 18, 2026