Description
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66181
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/57381
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/57368
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10066
Scores
EPSS
0.0075
EPSS Percentile
73.4%
Details
CWE
CWE-22
Status
published
Products (6)
intel/expressway_cloud_access_360
2.1
intel/expressway_cloud_access_360
2.5
mcafee/cloud_identity_manager
3.0
mcafee/cloud_identity_manager
3.1
mcafee/cloud_identity_manager
3.5.1
mcafee/cloud_single_sign_on
4.0.0
Published
Mar 18, 2014
Tracked Since
Feb 18, 2026