CVE-2012-4588

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.

Published: Aug 22, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-4588
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
mcafee / enterprise_mobility_manager	-	4.7.x
mcafee / enterprise_mobility_manager_agent	-	10.0.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10021

Vulnerability Database

289,697

CVE-2012-4588