QID 730371

Date Published: 2022-02-24

QID 730371: McAfee Web Gateway Multiple Vulnerabilities (WP-3335,WP-4131,WP-4159,WP-4237,WP-4259,WP-4329,WP-4348,WP-4355,WP-4376,WP-4407,WP-4421)

McAfee Web Gateway delivers comprehensive security for all aspects of web traffic in one high-performance appliance software architecture. For user-initiated web requests, McAfee Web Gateway first enforces an organization's internet use policy. Release 9.2.17 includes updates addressing publicly disclosed CVEs, regardless of whether a CVE has been shown to impact customers. Affected Versions:
McAfee Web Gateway (MWG) 9.2.x prior to 9.2.17

QID Detection Logic :
This QID retrieves McAfee Web Gateway version and checks to see if it's vulnerable.

Successful exploitation of these vulnerabilities affects the Confidentiality, Integrity and Availability

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    McAfee MWG 9.2.17 update releases address these vulnerabilities. Please visit McAfee Web Gateway Update 9.2.17
    Software Advisories
    Advisory ID Software Component Link
    McAfee Web Gateway 9.2.x URL Logo docs.mcafee.com/bundle/web-gateway-9.2.x-release-notes/page/GUID-3D3B7577-6BFA-4E6C-812A-BCAD698FFACD.html