CVE-2012-4588
Last modified
CVE-2012-4588 is a vulnerability of currently unknown severity. McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.. EPSS estimates a 1.08% chance of exploitation in the next 30 days.
Description
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Enterprise Mobility Manager | <= 4.7 |
| Mcafee | Enterprise Mobility Manager Agent | <= 10.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4588?
How severe is CVE-2012-4588?
How do I fix CVE-2012-4588?
Are you affected by CVE-2012-4588?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST