CVE-2012-4589

low

Published 2012-08-22 · Modified 2026-04-29

CVSS v3

—

CVSS v2

2.1

VIR risk

2.1

Description

Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://kc.mcafee.com/corporate/index?page=content&id=SB10022

Application impact

Vendor	Product	Versions	Fixed
mcafee	enterprise_mobility_manager	`{"endIncluding":"9.6"}`
mcafee	enterprise_mobility_manager	`4.7`

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/78223
https://kc.mcafee.com/corporate/index?page=content&id=SB10022
https://exchange.xforce.ibmcloud.com/vulnerabilities/78223
https://kc.mcafee.com/corporate/index?page=content&id=SB10022

Verify integrity in audit chain (admin only). AS-IS.