Vulnerability Details CVE-2019-3639
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 5.8
References
Products affected by CVE-2019-3639
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.0
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.1
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.10
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.11
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.2
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.3
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.4
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.5
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.6
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.7
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.8
-
cpe:2.3:a:mcafee:web_gateway:7.8.2.9