McAfee Email Gateway Arbitrary Email Creation - Authenticated
Vulnerability Title: McAfee Email Gateway Arbitrary Email Creation - Authenticated
- McAfee Email Gateway (MEG) 7.0, 7.0.1 and 7.0.
By default it looks that external recipients can only receive emails and respond to them. However, as long as the option is known it is possible to compose a new message without having the privileges to do so.
Impact: Impact is low, due to the fact that they need valid credentials to be exploited.
Please see the following knowledgebase article: https://kc.mcafee.com/corporate/index?page=content&id=SB10037&locale=en_IN&viewlocale=en_IN
© 2015 coma. All rights reserved.
Disclaimer: There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk.
In no event shall the author be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.