CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-7293

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile21.89th
Published2020年9月15日
Last Modified2024年11月21日

Vulnerability Description

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.

Affected Platforms (CPE)

📦
Mcafee

Web Gateway

>= 7.8.0 and < 7.8.2.23
📦
Mcafee

Web Gateway

>= 8.2.0 and < 8.2.11
📦
Mcafee

Web Gateway

>= 9.0.0 and < 9.2.3

References & Advisories

🔗 https://kc.mcafee.com/corporate/index?page=content&id=SB10323
🔗 https://kc.mcafee.com/corporate/index?page=content&id=SB10323

関連する脆弱性情報

CVE-2018-1246410.0

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows a...

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2010-473310.0

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom N...