Information disclosure in Mcafee Web_gateway

CVE-2014-6064

The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.

Vulnerability class: Information Disclosure

EPSS: 0.002 (48.0th percentile) — read the EPSS interpretation.

Affected products

Mcafee Web_gateway
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1030675 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
mcafee-gateway-cve20146064-info-disc(95690) (VDB Entry, vdb-entry, x_refsource_XF)