Description
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbitrary administrative accounts via unspecified vectors.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10020
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0160.html
Scores
EPSS
0.0022
EPSS Percentile
44.9%
Details
CWE
CWE-264
Status
published
Products (4)
mcafee/email_and_web_security
5.0
mcafee/email_and_web_security
5.5
mcafee/email_and_web_security
5.6
mcafee/email_gateway
7.0
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026