Vulnerability Description
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Web Gateway | >= 7.2.0, <= 7.2.0.9 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/56958Vendor Advisory
- http://www.securityfocus.com/bid/66193Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91772VDB Entry
- https://kc.mcafee.com/corporate/index?page=content&id=SB10063Vendor Advisory
- http://secunia.com/advisories/56958Vendor Advisory
- http://www.securityfocus.com/bid/66193Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91772VDB Entry
- https://kc.mcafee.com/corporate/index?page=content&id=SB10063Vendor Advisory
FAQ
What is CVE-2014-2535?
CVE-2014-2535 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted ...
How severe is CVE-2014-2535?
CVE-2014-2535 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2535?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Web Gateway.