Privilege Escalation Vulnerability in McAfee Email and Web Security (EWS) and McAfee Email Gateway (MEG)

Privilege Escalation Vulnerability in McAfee Email and Web Security (EWS) and McAfee Email Gateway (MEG)

CVE-2012-4586 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.

Learn more about our Web App Pen Testing.