Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4582


Vulnerability Score 4.9 4.9
CVE Id CVE-2012-4582
Last Modified 19 Nov 2012 11:49:32
Published 22 Aug 2012 06:42:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbitrary administrative accounts via unspecified vectors.

Vulnerable Systems


  • Mcafee Email And Web Security 5.0

  • Mcafee Email And Web Security 5.5

  • Mcafee Email And Web Security 5.6

  • Mcafee Email Gateway 7.0



BUGTRAQ - 20120329 NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators

Last Updated: 27 May 2016 10:56:40