CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-4587
https://notcve.org/view.php?id=CVE-2012-4587
22 Aug 2012 — McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device. McAfee Enterprise Mobility Manager (EMM) Agent antes de v4.8 y EMM Server antes de v10.1, cuando está habilitado el modo OTP, tienen una dependencia en registros SRV de DNS, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78130 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-4588
https://notcve.org/view.php?id=CVE-2012-4588
22 Aug 2012 — McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames. McAfee Enterprise Mobility Manager (EMM) Agent antes de v4.8 y EMM Server antes de v10.1 registra todos los nombres de usu... • https://kc.mcafee.com/corporate/index?page=content&id=SB10021 • CWE-255: Credentials Management Errors •