Summary
This host is running McAfee Web Gateway and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow attackers to disclose potentially sensitive information.
Impact Level: Application
Solution
Upgrade to McAfee Web Gateway 7.3.2.6 or 7.4.1 or later, For updates refer to http://www.mcafee.com/us/products/web-gateway.aspx
Insight
The flaw is due to an error within the MWG web filtering port when processing requests.
Affected
McAfee Web Gateway 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, 7.2.0.9 and earlier
Detection
Get the installed version of McAfee Web Gateway with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2535 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:P/I:N/A:N
Related Vulnerabilities
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- 123 Flash Chat Multiple Security Vulnerabilities
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
- Adobe ColdFusion Multiple Path Disclosure Vulnerabilities