CVE-2018-6667

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
trellixCNA
10 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
mcafeemcafee_web_gateway
7.8.1.0 ≤
𝑥
≤ 7.8.1.5
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
mcafeeweb_gateway
7.8.1.0
CNA
mcafeeweb_gateway
𝑥
≤ 7.8.1.5
CNA
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104564
http://www.securitytracker.com/id/1041129
https://kc.mcafee.com/corporate/index?page=content&id=SB10241
http://www.securityfocus.com/bid/104564
http://www.securitytracker.com/id/1041129
https://kc.mcafee.com/corporate/index?page=content&id=SB10241