Arbitrary Password Reset Vulnerability in McAfee Email and Web Security (EWS) and McAfee Email Gateway (MEG)

Arbitrary Password Reset Vulnerability in McAfee Email and Web Security (EWS) and McAfee Email Gateway (MEG)

CVE-2012-4582 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:N

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbitrary administrative accounts via unspecified vectors.

Learn more about our Web App Pen Testing.