Vulnerabilities > CVE-2012-4588 - Credentials Management vulnerability in Mcafee products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mcafee

CWE-255

NVD

Published: 2012-08-22

Updated: 2024-11-21

Summary

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee Enterprise Mobility Manager * Mcafee Enterprise Mobility Manager Agent *	2

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10021
https://kc.mcafee.com/corporate/index?page=content&id=SB10021