CVE-2012-4599
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file.
McAfee SmartFilter Administration y SmartFilter Administration Bess Edition, en versiones anteriores a 4.2.1.01 no requiere autenticación para el acceso a la interfaz JBoss Remote Method Invocation (RMI), lo que permite a atacantes remotos ejecutar código arbitrario a través de un archivo .war manipulado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-08-22 CVE Reserved
- 2012-08-22 CVE Published
- 2023-03-10 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10029 | 2017-01-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Smartfilter Administration Search vendor "Mcafee" for product "Smartfilter Administration" | <= 4.2.1 Search vendor "Mcafee" for product "Smartfilter Administration" and version " <= 4.2.1" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Smartfilter Administration Search vendor "Mcafee" for product "Smartfilter Administration" | <= 4.2.1 Search vendor "Mcafee" for product "Smartfilter Administration" and version " <= 4.2.1" | bess |
Affected
| ||||||