McAfee Email and Web Security (EWS) 5.x prior to 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of arbitrary users by navigating within the Dashboard.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee email and web security 5.0 |
||
mcafee email and web security 5.5 |
||
mcafee email and web security 5.6 |
||
mcafee email gateway 7.0 |