CVE-2012-4587 - OpenCVE

McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Mcafee	Enterprise Mobility Manager Agent Enterprise Mobility Manager

Configuration 1 [-]

OR	cpe:2.3:a:mcafee:enterprise_mobility_manager::::::::
	cpe:2.3:a:mcafee:enterprise_mobility_manager_agent::::::::

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/78130
https://kc.mcafee.com/corporate/index?page=content&id=SB10021	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2012-08-22T10:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-08-22T00:00:00

Link: CVE-2012-4587

JSON object: View

NVD Information

Status : Modified

Published: 2012-08-22T10:42:05.007

Modified: 2017-08-29T01:32:19.743

Link: CVE-2012-4587

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-19T00:00:00", "descriptions": [{"lang": "en", "value": "McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "mcafee-emm-dnssrv-spoofing(78130)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78130"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10021"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4587", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "mcafee-emm-dnssrv-spoofing(78130)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78130"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10021", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10021"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4587", "datePublished": "2012-08-22T10:00:00", "dateReserved": "2012-08-22T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:enterprise_mobility_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6DCCAEA-C934-4945-86FB-9E4A11C62FF7", "versionEndIncluding": "4.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:enterprise_mobility_manager_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "2818ACB8-CD7A-46EB-AD25-F709EA1C779B", "versionEndIncluding": "10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device."}, {"lang": "es", "value": "McAfee Enterprise Mobility Manager (EMM) Agent antes de v4.8 y EMM Server antes de v10.1, cuando est\u00e1 habilitado el modo OTP, tienen una dependencia en registros SRV de DNS, lo que hace que sea m\u00e1s f\u00e1cil descubrir contrase\u00f1as de usuario a atacantes remotos haciendo un ataque de spoofing del servidor EMM, tal y como lo demuestra una contrase\u00f1a escrita en un dispositivo iOS.\r\n"}], "id": "CVE-2012-4587", "lastModified": "2017-08-29T01:32:19.743", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-22T10:42:05.007", "references": [{"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78130"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10021"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}