CVE-2017-3965

Summary

Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.

Affected Software

VendorProductVersion RangeStatus
McAfeeNetwork Security Management (NSM)8.2 < 8.2.7.42.2affected

Weaknesses

  • Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability

ADP Enrichment

CVE Program Container

Additional References

References