Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-7268

Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prior to 7.6.406 allows remote attackers to traverse the file system to access files or directories that are outside of the restricted directory via external input to construct a path name that should be within a restricted directory.

Published

2020-09-16T02:15:12.553

Last Modified

2024-11-21T05:36:57.680

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-22
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mcafee	email_gateway	< 7.6.406	Yes

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10323 ([email protected])
https://kc.mcafee.com/corporate/index?page=content&id=SB10323 (af854a3a-2127-422b-91ae-364da2661108)