Vulnerability Database

311,447

Total vulnerabilities in the database

CVE-2010-2116

The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.

Published: May 28, 2010
Updated: Nov 9, 2025
CVE: CVE-2010-2116
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
mcafee / secure_mail	6.7.1	6.7.1.x
mcafee / email_gateway	6.7.1	6.7.1.x

http://osvdb.org/64832
http://secunia.com/advisories/39881
http://www.cybsec.com/vuln/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken.pdf
http://www.securitytracker.com/id?1024018
http://www.vupen.com/english/advisories/2010/1239

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo