What is CVE-2012-2212?

CVE-2012-2212 is a vulnerability in Mcafee Web_gateway, classified under CWE-264. Published 2012-04-28.

Is CVE-2012-2212 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mcafee Web_gateway

CVE-2012-2212

McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researche…

EPSS: 0.001 (27.7th percentile) — read the EPSS interpretation.

Affected products

Mcafee Web_gateway — versions 7.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

claudijd/proxy_

References

20120424 RE: McAfee Web Gateway URL Filtering Bypass (mailing-list, x_refsource_BUGTRAQ)
20120421 Re: McAfee Web Gateway URL Filtering Bypass (mailing-list, x_refsource_BUGTRAQ)
20120416 McAfee Web Gateway URL Filtering Bypass (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2012-2212?: CVE-2012-2212 is a vulnerability in Mcafee Web_gateway, classified under CWE-264. Published 2012-04-28.
Is CVE-2012-2212 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.