CVE-2014-2535

CWE-22 — Path Traversal3 documents3 sources

Severity

4.0MEDIUM

EPSS

1.0%

top 23.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee WEB Gateway

Timeline

PublishedMar 18

Latest updateMay 14

Description

Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmcafee/web_gateway7.3.2 — 7.3.2.6+2

🔴Vulnerability Details

GHSA

GHSA-cjvp-xw2h-c8v3: Directory traversal vulnerability in McAfee Web Gateway (MWG) 7↗2022-05-14

▶

CVEList

CVE-2014-2535: Directory traversal vulnerability in McAfee Web Gateway (MWG) 7↗2014-03-18

▶