CVE-2018-6667 CRITICAL

CVE-2018-6667: McAfee Web Gateway - Authentication Bypass vulnerability

Vendor Mcafee
Product Web Gateway
Published June 26, 2018
Last update August 5, 2024

CVSS base score

10.0/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).

Key dates

02Disclosure timeline

June 26, 2018 CVE published
August 5, 2024 Record updated