Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee mcafee web gateway vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2020-7294
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.
Mcafee Web Gateway
4.6
CVSSv3
CVE-2020-7295
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.
Mcafee Web Gateway
5.7
CVSSv3
CVE-2020-7296
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.
Mcafee Web Gateway
5.7
CVSSv3
CVE-2020-7297
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface.
Mcafee Web Gateway
6.5
CVSSv3
CVE-2019-3635
Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x before 7.8.2.12 allows malicious users to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.
Mcafee Web Gateway
7.1
CVSSv3
CVE-2019-3639
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x before 7.8.2.12 allows remote malicious users to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.
Mcafee Web Gateway
6.1
CVSSv3
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x before 10.2.9, 9.x before 9.2.20, 8.x before 8.2.27, and 7.x before 7.8.2.31, and controlled release 11.x before 11.1.3 allows a remote malicious user to redirect a user to a malicious website controlled by the ...
Mcafee Web Gateway
NA
CVE-2012-2212
McAfee Web Gateway 7.0 allows remote malicious users to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide configuration deta...
Mcafee Web Gateway 7.0.0
1 Github repository
6.1
CVSSv3
CVE-2016-3969
Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x prior to 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote malicious users to inject arbitrary web script or HTML via an attachment in a blocked email.
Mcafee Email Gateway 7.6.4
Mcafee Email Gateway 7.6.3
Mcafee Email Gateway 7.6.2
Mcafee Email Gateway 7.6.1
Mcafee Email Gateway 7.6
NA
CVE-2010-2116
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
Mcafee Email Gateway 6.7.1
Mcafee Secure Mail 6.7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »