cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-23885,https://securityvulnerability.io/vulnerability/CVE-2021-23885,Privilege escalation vulnerability in McAfee Web Gateway (MWG) UI,Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.,"Mcafee,llc",Mcafee Web Gateway (mwg),9,CRITICAL,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-02-17T09:20:14.000Z,0
CVE-2020-7297,https://securityvulnerability.io/vulnerability/CVE-2020-7297,Web Gateway (MWG) - Privilege Escalation vulnerability,Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface.,Mcafee,Mcafee Web Gateway (mwg),5.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-16T00:15:00.000Z,0
CVE-2020-7294,https://securityvulnerability.io/vulnerability/CVE-2020-7294,Web Gateway (MWG) - Privilege Escalation vulnerability,Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.,Mcafee,Mcafee Web Gateway (mwg),4.6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-15T23:15:00.000Z,0
CVE-2020-7293,https://securityvulnerability.io/vulnerability/CVE-2020-7293,Web Gateway (MWG) - Privilege Escalation vulnerability,Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.,Mcafee,Mcafee Web Gateway (mwg),9,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-15T23:15:00.000Z,0
CVE-2020-7295,https://securityvulnerability.io/vulnerability/CVE-2020-7295,Web Gateway (MWG) - Privilege Escalation vulnerability,Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.,Mcafee,Mcafee Web Gateway (mwg),3.5,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-15T23:15:00.000Z,0
CVE-2020-7296,https://securityvulnerability.io/vulnerability/CVE-2020-7296,Web Gateway (MWG) - Privilege Escalation vulnerability,Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.,Mcafee,Mcafee Web Gateway (mwg),5.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-09-15T23:15:00.000Z,0
CVE-2020-7292,https://securityvulnerability.io/vulnerability/CVE-2020-7292,Web Gateway (MWG) - Inappropriate Encoding for output context,Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.,Mcafee,Mcafee Web Gateway (mwg),4.3,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2020-07-15T14:50:14.000Z,0
CVE-2019-3638,https://securityvulnerability.io/vulnerability/CVE-2019-3638,Web Gateway (MWG) - Reflected Cross Site Scripting vulnerability,Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administrator to click on a carefully constructed malicious link.,Mcafee,Web Gateway(mwg),8.1,HIGH,0.006810000166296959,false,,false,false,false,,,false,false,,2019-09-12T15:14:29.000Z,0
CVE-2019-3644,https://securityvulnerability.io/vulnerability/CVE-2019-3644,MWG scanners updated to address CVE-2019-9517,"McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.","Mcafee, Llc",Mcafee Web Gateway (mwg),7.5,HIGH,0.0021699999924749136,false,,false,false,false,,,false,false,,2019-09-11T14:08:37.000Z,0
CVE-2019-3643,https://securityvulnerability.io/vulnerability/CVE-2019-3643,MWG scanners updated to address CVE-2019-9511,"McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.","Mcafee, Llc",Mcafee Web Gateway (mwg),5.3,MEDIUM,0.0021699999924749136,false,,false,false,false,,,false,false,,2019-09-11T14:08:19.000Z,0
CVE-2019-3639,https://securityvulnerability.io/vulnerability/CVE-2019-3639," MWG UI: Cross-Frame Scripting vulnerability",Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.,"Mcafee, Llc",Mcafee Web Gateway (mwg),7.1,HIGH,0.004110000096261501,false,,false,false,false,,,false,false,,2019-08-14T16:20:39.000Z,0
CVE-2019-3635,https://securityvulnerability.io/vulnerability/CVE-2019-3635,MWG Proxy: Cross-Frame Scripting vulnerability,Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.,"Mcafee, Llc",Mcafee Web Gateway (mwg),4.3,MEDIUM,0.0015699999639764428,false,,false,false,false,,,false,false,,2019-08-14T16:18:50.000Z,0
CVE-2018-6677,https://securityvulnerability.io/vulnerability/CVE-2018-6677,McAfee Web Gateway (MWG) - Directory Traversal vulnerability,Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.,Mcafee,Mcafee Web Gateway (mwg),7.6,HIGH,0.0007399999885819852,false,,false,false,false,,,false,false,,2018-07-23T13:00:00.000Z,0
CVE-2018-6678,https://securityvulnerability.io/vulnerability/CVE-2018-6678,McAfee Web Gateway (MWG) - Configuration/Environment manipulation vulnerability,Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.,Mcafee,Mcafee Web Gateway (mwg),3.4,LOW,0.0008399999933317304,false,,false,false,false,,,false,false,,2018-07-23T13:00:00.000Z,0