CVE-2020-7336

Summary

Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request.

Affected Software

VendorProductVersion RangeStatus
McAfeeNetwork Security Management (NSM)NSM 10.x < 10.1.7.35affected
McAfeeNetwork Security Management (NSM)NSM 9.x < 9.2.9.55affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References