Vulnerabilities > Mcafee > Email Gateway > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-17 | CVE-2015-1619 | Cross-site Scripting vulnerability in Mcafee Email Gateway Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. | 3.5 |
| 2012-08-22 | CVE-2012-4584 | Cryptographic Issues vulnerability in Mcafee Email and web Security and Email Gateway McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as demonstrated by obtaining password hashes. | 3.5 |
| 2012-08-22 | CVE-2012-4586 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Email and web Security and Email Gateway McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file. | 3.5 |