CVE-2012-4599

McAfee SmartFilter <4.2.1.01 - RCE

Title source: llm

Description

McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file.

References (1)

[Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10029

Scores

EPSS 0.0669

EPSS Percentile 91.1%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

mcafee/smartfilter_administration < 4.2.1

Timeline

Published Aug 22, 2012

Tracked Since Feb 18, 2026