CVE-2013-7103

critical Trellix
CVSS v3 Base Score
9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS Score
0.7%
Exploitation probability in 30 days
Top 27% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: December 14, 2013 (4534 days ago)
Last Modified: April 29, 2026
Vendor: Trellix
Source: NVD

Description

McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the value attribute in a (1) TestFile XML element or the (2) hostname. NOTE: this issue can be combined with CVE-2013-7092 to allow remote attackers to execute commands.

CWE

CWE-78

Affected Products

mcafee email gateway

References

🔗 osvdb.org 🔗 packetstormsecurity.com 🔗 seclists.org 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com