CVE-2010-2116

The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
mcafeeemail_gateway
6.7.1
mcafeesecure_mail
6.7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/64832
http://secunia.com/advisories/39881
http://www.cybsec.com/vuln/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken.pdf
http://www.securitytracker.com/id?1024018
http://www.vupen.com/english/advisories/2010/1239
http://osvdb.org/64832
http://secunia.com/advisories/39881
http://www.cybsec.com/vuln/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken.pdf
http://www.securitytracker.com/id?1024018
http://www.vupen.com/english/advisories/2010/1239