- Description
- Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.
- Source
- trellixpsirt@trellix.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 4.6
- Impact score
- 2.5
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.1
- Impact score
- 4.9
- Exploitability score
- 5.1
- Vector string
- AV:A/AC:L/Au:S/C:P/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0241E941-8733-4DE1-A8A8-786E3A288192",
"versionEndExcluding": "7.8.2.23",
"versionStartIncluding": "7.8.0"
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CBED2B1-5ED4-4595-9831-5094918C26FE",
"versionEndExcluding": "8.2.11",
"versionStartIncluding": "8.2.0"
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60074049-D864-4A37-8959-E54040F889D5",
"versionEndExcluding": "9.2.3",
"versionStartIncluding": "9.0.0"
}
],
"operator": "OR"
}
]
}
]