Description
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10020
Scores
EPSS
0.0011
EPSS Percentile
28.8%
Details
CWE
CWE-264
Status
published
Products (4)
mcafee/email_and_web_security
5.0
mcafee/email_and_web_security
5.5
mcafee/email_and_web_security
5.6
mcafee/email_gateway
7.0
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026