CVE-2020-7336
6.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Summary
Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee | Network Security Management (NSM) | NSM 10.x < 10.1.7.35 | affected |
| McAfee | Network Security Management (NSM) | NSM 9.x < 9.2.9.55 | affected |
Weaknesses
- CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.