McAfee Enterprise Mobility Manager (EMM) Agent prior to 4.8 and Server prior to 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote malicious users to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee enterprise mobility manager |
||
mcafee enterprise mobility manager agent |