- Description
- Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-22
- Hype score
- Not currently trending
- Comment
- -
- Impact
- Per: https://kc.mcafee.com/corporate/index?page=content&id=SB10066 "Affected Versions: Intel Expressway Cloud Access 360-SSO 2.1, 2.5 McAfee Cloud Identity Manager 3.0, 3.1, 3.5.1 McAfee Cloud Single Sign On 4.0.0"
- Solution
- Per: https://kc.mcafee.com/corporate/index?page=content&id=SB10066 "Affected Versions: Intel Expressway Cloud Access 360-SSO 2.1, 2.5 McAfee Cloud Identity Manager 3.0, 3.1, 3.5.1 McAfee Cloud Single Sign On 4.0.0"
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:expressway_cloud_access_360:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE25F0BE-B298-4FA3-B0D7-755B344AA19A"
},
{
"criteria": "cpe:2.3:a:intel:expressway_cloud_access_360:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12DF79E2-6C13-4CD2-86DE-5C0E023D7142"
},
{
"criteria": "cpe:2.3:a:mcafee:cloud_identity_manager:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4008DFB6-A72B-4437-A819-A575C7AA59A1"
},
{
"criteria": "cpe:2.3:a:mcafee:cloud_identity_manager:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFCF5CA8-A738-4177-855F-43336670B9DD"
},
{
"criteria": "cpe:2.3:a:mcafee:cloud_identity_manager:3.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5974023-0273-4794-AFB7-E3A5AA6726FD"
},
{
"criteria": "cpe:2.3:a:mcafee:cloud_single_sign_on:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F80C8C-0E7E-46C3-985D-EDCF1DF02CF0"
}
],
"operator": "OR"
}
]
}
]