MEDIUMπŸ‡΅πŸ‡± Wersja polska

CVE-2020-7292

CVSS 4.3v3.1pub. 2020-07-15upd. 2024-11-21

Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • Mcafee Web Gateway

    APP
    Mcafee
    7.8.0 – 7.8.2.22 (bez)8.2.0 – 8.2.9 (bez)9.0.0 – 9.2.1 (bez)
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-23885CRITICAL9.0ten sam produkt

Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to ...

CVE-2020-7293CRITICAL9.0ten sam produkt

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interf...

CVE-2019-9169CRITICAL9.8ten sam produkt

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based ...

CVE-2018-18311CRITICAL9.8ten sam produkt

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that trigge...

CVE-2016-4448CRITICAL9.8ten sam produkt

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format str...

CVE-2020-7292 β€” Mcafee β€” Web Gateway β€” MEDIUM β€” CVSS 4.3 | CVEbaza.pl