CVE-2017-3966

Summary

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.

Affected Software

VendorProductVersion RangeStatus
McAfeeNetwork Security Management (NSM)8.2 < 8.2.7.42.2affected

Weaknesses

  • Exploitation of session variables, resource IDs and other trusted credentials vulnerability

ADP Enrichment

CVE Program Container

Additional References

References