CVE-2012-4583

{"id": "CVE-2012-4583", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-08-22T10:42:04.820", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0161.html", "source": "cve@mitre.org"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10020", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0161.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10020", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard."}, {"lang": "es", "value": "McAfee Email and Web Security v5.x (EWS) antes de v5.5 Patch 6 y v5.6 antes de la revisi\u00f3n 3 y McAfee Email Gateway (MEG) v7.0 antes de la revisi\u00f3n 1 permiten a usuarios remotos autenticados obtener tokens de sesi\u00f3n de usuarios de su elecci\u00f3n, navegando en el 'Dashboard'.\r\n"}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66A3B3D7-D6F2-4AE9-89BA-3B39896D6DBE"}, {"criteria": "cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8E57CF1-7D4D-45E9-A74D-51D6C7940F26"}, {"criteria": "cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36F5B0E9-0B28-4DAD-91C9-0E722D79AC46"}, {"criteria": "cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46F5DE96-C4C2-498A-AD79-82BEC9A7DF5B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}