HIGH🇬🇧 English

CVE-2017-3968

CVSS 7.5v3.0pub. 2018-06-13upd. 2024-11-21

Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive information or manipulate the database via a crafted authentication cookie.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L
  • Mcafee Network Data Loss Prevention

    APP
    Mcafee
    < 9.3.4.1.5
  • Mcafee Network Security Manager

    APP
    Mcafee
    < 8.2.7.42.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-3606HIGH7.7ten sam produkt

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security ...

CVE-2017-3971HIGH8.2ten sam produkt

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2...

CVE-2017-3965HIGH8.8ten sam produkt

Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Se...

CVE-2017-3969HIGH8.2ten sam produkt

Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before...

CVE-2017-3972HIGH8.3ten sam produkt

Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (N...