Описание
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.7.42.2 (исключая)
cpe:2.3:a:mcafee:network_security_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00221
Низкий
6.4 Medium
CVSS3
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 6.3
github
больше 3 лет назад
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.
EPSS
Процентиль: 44%
0.00221
Низкий
6.4 Medium
CVSS3
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-613