CVE-2018-6678

EUVD-2018-18425
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
trellixCNA
3.4 LOW
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
mcafeemcafee_web_gateway
7.8.1.0
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/104893
https://kc.mcafee.com/corporate/index?page=content&id=SB10245
http://www.securityfocus.com/bid/104893
https://kc.mcafee.com/corporate/index?page=content&id=SB10245