mcafee enterprise mobility manager 4.7 vulnerabilities and exploits

(subscribe to this query)

Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 might allow remote malicious users to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.

Mcafee Enterprise Mobility Manager 4.7 Mcafee Enterprise Mobility Manager

The Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.

Mcafee Enterprise Mobility Manager Mcafee Enterprise Mobility Manager 4.7

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.

Mcafee Enterprise Mobility Manager 4.7 Mcafee Enterprise Mobility Manager

About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 discloses the name of the user account for an IIS worker process, which allows remote malicious users to obtain potentially sensitive information by visiting this page.

Mcafee Enterprise Mobility Manager 4.7 Mcafee Enterprise Mobility Manager

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook