← back
CVE-2010-2116

CVE-2010-2116

EPSS 2.3%
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/64832http://secunia.com/advisories/39881http://www.cybsec.com/vuln/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken.pdfhttp://www.securitytracker.com/id?1024018http://www.vupen.com/english/advisories/2010/1239