CVE-2018-6667
CRITICALMcAfee Web Gateway 7.8.1.0-7.8.1.5 - Authentication Bypass via JMX
Title source: llmDescription
Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10241
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041129
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104564
Scores
CVSS v3
10.0
EPSS
0.0167
EPSS Percentile
82.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
mcafee/mcafee_web_gateway
7.8.1.0 - 7.8.1.5
Published
Jun 26, 2018
Tracked Since
Feb 18, 2026