Unrated severityNVD Advisory· Published Dec 2, 2015· Updated May 6, 2026

CVE-2015-8024

Description

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote attackers to bypass authentication by logging in with the username "NGCP|NGCP|NGCP;" and any password.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kc.mcafee.com/corporate/indexnvdVendor Advisory
www.quantumleap.it/mcafee-siem-esm-esmrec-and-esmlm-authentication-bypass-vulnerability/nvd
www.securitytracker.com/id/1034288nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000