| |
Vulnerability CVE-2020-7293
Published: 2020-09-15 Modified: 2020-09-16
| Description: |
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface. |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:A/AC:L/Au:S/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.7/10 |
10/10 |
5.1/10 |
| Exploit range |
Attack complexity |
Authentication |
Adjacent network |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
https://kc.mcafee.com/corporate/index?page=content&id=SB10323
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
