CVE-2012-4589
McAfee Enterprise Mobility Manager < 10.0 - Unauthenticated Credential Exposure via Login Form Autocomplete
Title source: llmDescription
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78223
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10022
Scores
EPSS
0.0012
EPSS Percentile
29.9%
Details
Status
published
Products (2)
mcafee/enterprise_mobility_manager
4.7
mcafee/enterprise_mobility_manager
< 9.6
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026