Multiple vulnerabilities in McAfee Web Gateway
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-6677 CVE-2018-6678 |
| CWE-ID | CWE-22 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
McAfee Web Gateway Server applications / Remote management servers, RDP, SSH |
| Vendor | McAfee |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU36826
Risk: High
CVSSv3.1: 8.3 [AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-6677
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x. A remote authenticated attacker can send a specially crafted HTTP request and authenticated administrator users to gain elevated privileges via unspecified vectors.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMcAfee Web Gateway: 7.8.1.0
External linkshttp://www.securityfocus.com/bid/104893
http://kc.mcafee.com/corporate/index?page=content&id=SB10245
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU36827
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-6678
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsMcAfee Web Gateway: 7.8.1.0
External linkshttp://www.securityfocus.com/bid/104893
http://kc.mcafee.com/corporate/index?page=content&id=SB10245
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
