Description
McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin session ID via unspecified vectors.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10026
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027444
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/77977
Scores
EPSS
0.0035
EPSS Percentile
57.5%
Details
CWE
CWE-287
Status
published
Products (4)
mcafee/email_and_web_security
5.5
mcafee/email_and_web_security
5.6
mcafee/email_gateway
7.0.0
mcafee/email_gateway
7.0.1
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026