McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service (excessive list size in the EMM Database) via a long sequence of login attempts with different usernames.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Enterprise_mobility_manager | Mcafee | * | 4.7 (including) |
| Enterprise_mobility_manager_agent | Mcafee | * | 10.0 (including) |