Описание
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.7.42.2 (исключая)
cpe:2.3:a:mcafee:network_security_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00179
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.
EPSS
Процентиль: 40%
0.00179
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352