CVE-2012-4588
McAfee Enterprise Mobility Manager < 4.8 and Agent < 10.0 - Denial of Service via Invalid Username Login Attempts
Title source: llmDescription
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10021
Scores
EPSS
0.0044
EPSS Percentile
63.5%
Details
CWE
CWE-255
Status
published
Products (2)
mcafee/enterprise_mobility_manager
< 4.7
mcafee/enterprise_mobility_manager_agent
< 10.0
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026