CVE-2014-2535

Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port.

Published: Mar 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-2535
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mcafee / web_gateway	7.2.0	7.2.0.9.x
mcafee / web_gateway	7.3.2	7.3.2.6
mcafee / web_gateway	7.4.0	7.4.1

http://secunia.com/advisories/56958
http://www.securityfocus.com/bid/66193
https://exchange.xforce.ibmcloud.com/vulnerabilities/91772
https://kc.mcafee.com/corporate/index?page=content&id=SB10063

Vulnerability Database

289,599

CVE-2014-2535