CVE-2020-7268

MEDIUM

Mcafee Email Gateway < 7.6.406 - Path Traversal

Title source: rule

Description

Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prior to 7.6.406 allows remote attackers to traverse the file system to access files or directories that are outside of the restricted directory via external input to construct a path name that should be within a restricted directory.

References (1)

[Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10323

Scores

CVSS v3 4.3

EPSS 0.0015

EPSS Percentile 35.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-22

Status published

Affected Products (1)

mcafee/email_gateway < 7.6.406

Timeline

Published Sep 16, 2020

Tracked Since Feb 18, 2026