Short Name |
APP:MCAFEE-FIREWALL-RCE |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
McAfee Firewall Reporter isValidClient Remote Code Execution |
Release Date |
2011/06/17 |
Update Number |
1942 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against McAfee Firewall. A successful attack can lead to arbitrary remote code execution.
McAfee Firewall Reporter is prone to an authentication-bypass vulnerability. Successfully exploiting this issue will allow attackers to point the 'cgisess' cookie value to an arbitrary file that exists on the server, bypassing certain security restrictions. This issue may allow websites to bypass certain security restrictions and gain access to potentially sensitive information. This issue was introduced in McAfee Firewall Reporter 5.1.0.6