Unrated severityNVD Advisory· Published Dec 2, 2015· Updated Jun 17, 2026
CVE-2015-8024
CVE-2015-8024
Description
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote attackers to bypass authentication by logging in with the username "NGCP|NGCP|NGCP;" and any password.
Affected products
10cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.5.0:*:*:*:*:*:*:*
- (no CPE)range: 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, 9.5.x before 9.5.0MR8
- Range: 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, 9.5.x before 9.5.0MR8
- Range: 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, 9.5.x before 9.5.0MR8
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.