Vulnerabilities > CVE-2019-3635 - Unspecified vulnerability in Mcafee web Gateway

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mcafee

NVD

Published: 2019-08-14

Updated: 2023-11-07

Summary

Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee WEB Gateway 7.8.2.0 Mcafee WEB Gateway 7.8.2.1 Mcafee WEB Gateway 7.8.2.2 Mcafee WEB Gateway 7.8.2.3 Mcafee WEB Gateway 7.8.2.4 Mcafee WEB Gateway 7.8.2.5 Mcafee WEB Gateway 7.8.2.6 Mcafee WEB Gateway 7.8.2.7 Mcafee WEB Gateway 7.8.2.8 Mcafee WEB Gateway 7.8.2.9 Mcafee WEB Gateway 7.8.2.10 Mcafee WEB Gateway 7.8.2.11	12

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10293