Unrated severityNVD Advisory· Published Aug 22, 2012· Updated Jun 16, 2026
CVE-2012-4583
CVE-2012-4583
Description
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.
Affected products
6cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*
- (no CPE)range: before 5.5 Patch 6, before 5.6 Patch 3
cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*
- (no CPE)range: before 7.0 Patch 1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.