Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4588

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4588
Last Modified 22 Aug 2012 12:00:00
Published 22 Aug 2012 06:42:05
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4588

Summary

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.

Vulnerable Systems

Application

  • Mcafee Enterprise Mobility Manager 4.7

  • Mcafee Enterprise Mobility Manager Agent 10.0


References

CONFIRM - https://kc.mcafee.com/corporate/index?page=content&id=SB10021


Last Updated: 27 May 2016 11:00:18