Vendor: Email Gateway (formerly IronMail)
By: Nahuel Grisolía from Cybsec Labs
CVSS: 6.8 (MEDIUM)
Broken Access Control
CWE: 287
Product Name: Email Gateway (formerly IronMail)
Affected Version From: Secure Mail (Ironmail) ver.6.7.1
Affected Version To: Secure Mail (Ironmail) ver.6.7.1
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: FreeBSD 6.2 / Apache-Coyote 1.1
2010
Web Administration Broken Access Control in McAfee Email Gateway (formerly IronMail)
Ironmail was found to allow Web Access users to execute arbitrary actions with Write rights, due to an improper profile check.
Mitigation:
Vendor was informed. A patch is being developed.