CVE-2015-8024

Published: 02/12/2015 Updated: 07/12/2016
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x prior to 9.3.2MR19, 9.4.x prior to 9.4.2MR9, and 9.5.x prior to 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote malicious users to bypass authentication by logging in with the username "NGCP|NGCP|NGCP;" and any password.

Vulnerable Product

mcafee mcafee enterprise security manager 9.3.2

mcafee mcafee enterprise security manager 9.3.1

mcafee mcafee enterprise security manager 9.3.0

mcafee mcafee enterprise security manager 9.4.0

mcafee mcafee enterprise security manager 9.4.1

mcafee mcafee enterprise security manager 9.4.2

mcafee mcafee enterprise security manager 9.5.0
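To triage an appliance inventory against the affected ranges in the summary above, the following added example (not code from McAfee or from this page) parses ESM version strings and compares them with the fixed release for each branch. It assumes versions are written as MAJOR.MINOR.PATCH with an optional "MR<n>" suffix; the host names and inventory values are constructed. It checks the version only, not whether Active Directory or LDAP authentication is configured.

```python
import re

# Fixed releases per branch, from the summary: 9.3.2MR19, 9.4.2MR9, 9.5.0MR8.
# Key = (major, minor); value = (patch, maintenance release) of the first fixed build.
FIXED = {(9, 3): (2, 19), (9, 4): (2, 9), (9, 5): (0, 8)}

# Assumed format: MAJOR.MINOR.PATCH, optionally followed by "MR<n>".
_VERSION = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:[\s._-]*MR\s*(\d+))?\s*$", re.I)


def parse_version(text):
    """Split a version string into ((major, minor), (patch, mr))."""
    m = _VERSION.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    mr = int(m.group(4) or 0)  # no MR suffix is treated as MR0
    return (major, minor), (patch, mr)


def is_affected(text):
    """True/False for branches named in the summary, None for any other branch."""
    branch, build = parse_version(text)
    fixed = FIXED.get(branch)
    if fixed is None:
        return None
    return build < fixed  # tuple comparison: patch first, then MR number


def triage(inventory):
    """Map each host to 'affected', 'fixed', 'not listed' or 'unparseable'."""
    labels = {True: "affected", False: "fixed", None: "not listed"}
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = labels[is_affected(version)]
        except ValueError:
            result[host] = "unparseable"
    return result


# Constructed sample inventory (host names and versions are illustrative).
SAMPLE_INVENTORY = {
    "esm-01": "9.3.2MR18",
    "esm-02": "9.4.2 MR9",
    "esm-03": "9.5.0",
    "esm-04": "unknown",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```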

Recent Articles

McAfee Security Manager lets anybody bypass managers' security
The Register • Richard Chirgwin • 07 Dec 2015

'Specially crafted username' opens the keys to the kingdom of FAIL

McAfee's Enterprise Security Manager (ESM) needs patching, as smartly as you can manage, due to an administrator-level authentication bypass. The advisory here says “a specially crafted username” can get past the Security Information & Event Management logins without authentication, and without a password, “if the ESM is configured to use Active Directory or LDAP”. That gives the attacker access to NGCP – the default username created at first installation – without checking the p...