CVE-2014-2536

medium

Trellix

CVSS v3 Base Score

4.3

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS Score

0.8%

Exploitation probability in 30 days

Top 27% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

None

Availability

None

Published: March 18, 2014 (4440 days ago)

Last Modified: May 6, 2026

Vendor: Trellix

Source: NVD

Description

Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.

CWE

CWE-22

Affected Products

intel expressway cloud access 360mcafee cloud identity managermcafee cloud single sign on

References

🔗 secunia.com 🔗 secunia.com 🔗 www.securityfocus.com 🔗 kc.mcafee.com 🔗 secunia.com

CVE-2014-2536

Vulnerability Report

Description

CWE

Affected Products

References