Detections
Analytics
McAfee WebShield UI Authentication Bypass (SB10026)
high Nessus Plugin ID 59110
Language:
Synopsis
A web application hosted on the remote web server is affected by an authentication bypass vulnerability.Description
The version of the McAfee WebShield UI hosted on the remote web server is affected by an authentication bypass vulnerability. It is possible to get a valid session ID as the administrative user by making a specially crafted request to /cgi-bin/localadmin. A remote, unauthenticated attacker can exploit this to perform administrative actions. After gaining administrative privileges, an attacker can take complete control of the system.Solution
Apply the relevant hotfix specified in McAfee Security Bulletin SB10026.See Also
https://www.tenable.com/security/research/tra-2012-17
https://kc.mcafee.com/corporate/index?page=content&id=SB10026
Plugin Details
Severity: High
ID: 59110
File Name: mcafee_webshield_auth_bypass.nasl
Version: 1.16
Type: remote
Family: CGI abuses
Published: 5/16/2012
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:mcafee:email_and_web_security, cpe:/a:mcafee:email_gateway
Required KB Items: www/mcafee_webshield
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: Exploits are available
Exploited by Nessus: true
Patch Publication Date: 5/8/2012
Vulnerability Publication Date: 5/8/2012
Exploitable With
Elliot (McAfee Email Gateway 7.0 File Disclosure)
Reference Information
CVE: CVE-2012-4595
BID: 55184
MCAFEE-SB: SB10026
TRA: TRA-2012-17