CyberSec.Space Logo
Back to CVE Browser

CVE-2020-7293

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile21.89th
PublishedSep 15, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.

Affected Platforms (CPE)

📦
Mcafee

Web Gateway

>= 7.8.0 and < 7.8.2.23
📦
Mcafee

Web Gateway

>= 8.2.0 and < 8.2.11
📦
Mcafee

Web Gateway

>= 9.0.0 and < 9.2.3

References & Advisories

🔗 https://kc.mcafee.com/corporate/index?page=content&id=SB10323
🔗 https://kc.mcafee.com/corporate/index?page=content&id=SB10323

Related Vulnerabilities

CVE-2018-1246410.0

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows a...

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2010-473310.0

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom N...