// For flags

CVE-2012-4589

 

Severity Score

2.1
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Login.aspx en Portal en McAfee Enterprise Mobility Manager (EMM) anteriores a v10.0 no tiene un atributo de autocompletar los campos de formulario no especificados, lo que hace que facilita a los atacantes remotos obtener acceso mediante el aprovechamiento de una estaciĆ³n de trabajo no atendida.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-08-22 CVE Reserved
  • 2012-08-22 CVE Published
  • 2024-03-22 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mcafee
Search vendor "Mcafee"
 Enterprise Mobility Manager
Search vendor "Mcafee" for product "Enterprise Mobility Manager"
 <= 9.6
Search vendor "Mcafee" for product "Enterprise Mobility Manager" and version " <= 9.6"
-
Affected
Mcafee
Search vendor "Mcafee"
 Enterprise Mobility Manager
Search vendor "Mcafee" for product "Enterprise Mobility Manager"
 4.7
Search vendor "Mcafee" for product "Enterprise Mobility Manager" and version "4.7"
-
Affected