HTTP Strict Transport Security (HSTS) State Information Disclosure Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x

HTTP Strict Transport Security (HSTS) State Information Disclosure Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x

CVE-2017-3934 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver.

Learn more about our Web App Pen Testing.