Just received this warning from the Secunia mailing-list
Nahuel Grisolía has reported a vulnerability in McAfee Email Gateway, which can be exploited by malicious users to bypass certain security restrictions.
The vulnerability is caused due to the Web Access interface performing insufficient checks for requests received from unprivileged users. This can be exploited by a user without write privileges to make configuration changes and e.g. add an administrative user.
The vulnerability is reported in version 6.7.1. Other versions may also be affected.
Restrict access to the Web Access console to trusted users only.
This issue is addressed with hotfix 3 for 6.7.2. The hotfix is currently in controlled release and, if no problems are found, could be released in two weeks.