- Description
- About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially sensitive information by visiting this page.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:enterprise_mobility_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6C31861-243D-4236-8DDF-67329AC63391",
"versionEndIncluding": "9.6"
},
{
"criteria": "cpe:2.3:a:mcafee:enterprise_mobility_manager:4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EFFC4A8-98F5-4289-A409-9CE63F6BFB75"
}
],
"operator": "OR"
}
]
}
]