Information Disclosure: Obtaining Hashed User Passwords in McAfee Web Gateway

Information Disclosure: Obtaining Hashed User Passwords in McAfee Web Gateway

CVE-2014-6064 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.

Learn more about our Web App Pen Testing.