CVE-2012-4582
Severity Score
4.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbitrary administrative accounts via unspecified vectors.
McAfee Email and Web Security v5.x (EWS) antes de v5.5 Patch 6 y v5.6 antes de la revisión 3 y McAfee Email Gateway (MEG) v7.0 antes de la revisión 1 permiten a usuarios remotos autenticados cambiar las contraseñas de cuentas de administración de su elección mediante vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-08-22 CVE Reserved
- 2012-08-22 CVE Published
- 2023-07-13 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-03/0160.html | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10020 | 2012-11-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Email And Web Security Search vendor "Mcafee" for product "Email And Web Security" | 5.0 Search vendor "Mcafee" for product "Email And Web Security" and version "5.0" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Email And Web Security Search vendor "Mcafee" for product "Email And Web Security" | 5.5 Search vendor "Mcafee" for product "Email And Web Security" and version "5.5" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Email And Web Security Search vendor "Mcafee" for product "Email And Web Security" | 5.6 Search vendor "Mcafee" for product "Email And Web Security" and version "5.6" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Email Gateway Search vendor "Mcafee" for product "Email Gateway" | 7.0 Search vendor "Mcafee" for product "Email Gateway" and version "7.0" | - |
Affected
| ||||||