VYPR
Unrated severityNVD Advisory· Published Aug 22, 2012· Updated Jun 16, 2026

CVE-2012-4583

CVE-2012-4583

Description

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.

Affected products

6
  • cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*
    • (no CPE)range: before 5.5 Patch 6, before 5.6 Patch 3
  • cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*
    • (no CPE)range: before 7.0 Patch 1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.