CSRF Vulnerability in McAfee Network Security Management (NSM) Allows Unauthorized Actions

CSRF Vulnerability in McAfee Network Security Management (NSM) Allows Unauthorized Actions

CVE-2017-3965 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.

Learn more about our Web App Pen Testing.