var-201311-0213
Vulnerability from variot
McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors. McAfee Email Gateway is prone to an unspecified command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands with root privileges. Successful exploits could compromise the application and possibly the underlying system. The following versions are affected: McAfee Email Gateway 7.0 through 7.0.3 McAfee Email Gateway 7.5 through 7.5.0. The solution offers incoming threat protection, outgoing encryption, data loss prevention, and more. A security vulnerability exists in MEG 7.0 prior to 7.0.4 and 7.5 prior to 7.5.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "email gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "mcafee",
"version": "7.0.3"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "mcafee",
"version": "7.0.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "mcafee",
"version": "7.0.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "mcafee",
"version": "7.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "7.0.4"
},
{
"model": "email gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "mcafee",
"version": "7.0"
},
{
"model": "email gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "mcafee",
"version": "7.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "7.5.1"
},
{
"model": "email gateway patch",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.01"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0"
},
{
"model": "email gateway hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "6.7.22"
},
{
"model": "email gateway hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "6.7.21"
}
],
"sources": [
{
"db": "BID",
"id": "63544"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mcafee:email_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ANZ Bank",
"sources": [
{
"db": "BID",
"id": "63544"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6349",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2013-6349",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-66351",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-6349",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-6349",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-011",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-66351",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66351"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors. McAfee Email Gateway is prone to an unspecified command-injection vulnerability because it fails to adequately sanitize user-supplied input. \nAttackers can exploit this issue to execute arbitrary commands with root privileges. Successful exploits could compromise the application and possibly the underlying system. \nThe following versions are affected:\nMcAfee Email Gateway 7.0 through 7.0.3\nMcAfee Email Gateway 7.5 through 7.5.0. The solution offers incoming threat protection, outgoing encryption, data loss prevention, and more. A security vulnerability exists in MEG 7.0 prior to 7.0.4 and 7.5 prior to 7.5.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6349"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "BID",
"id": "63544"
},
{
"db": "VULHUB",
"id": "VHN-66351"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6349",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "98669",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10057",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011",
"trust": 0.6
},
{
"db": "BID",
"id": "63544",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-66351",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66351"
},
{
"db": "BID",
"id": "63544"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"id": "VAR-201311-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-66351"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:02:50.967000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SB10057",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10057"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66351"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://osvdb.org/98669"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10057"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6349"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6349"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10057"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66351"
},
{
"db": "BID",
"id": "63544"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-66351"
},
{
"db": "BID",
"id": "63544"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-02T00:00:00",
"db": "VULHUB",
"id": "VHN-66351"
},
{
"date": "2013-10-15T00:00:00",
"db": "BID",
"id": "63544"
},
{
"date": "2013-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"date": "2013-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"date": "2013-11-02T21:55:04.677000",
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-66351"
},
{
"date": "2013-10-15T00:00:00",
"db": "BID",
"id": "63544"
},
{
"date": "2013-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004998"
},
{
"date": "2013-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-011"
},
{
"date": "2024-11-21T01:59:03.680000",
"db": "NVD",
"id": "CVE-2013-6349"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Email Gateway Vulnerable to arbitrary command execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004998"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-011"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…