CVE-2012-4586

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.

Published: Aug 22, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-4586
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
mcafee / email_and_web_security	5.6	5.6.x
mcafee / email_and_web_security	5.0	5.0.x
mcafee / email_and_web_security	5.5	5.5.x
mcafee / email_gateway	7.0	7.0.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10020

Vulnerability Database

289,784

CVE-2012-4586