Session Hijacking Vulnerability in McAfee Network Security Management (NSM)

Session Hijacking Vulnerability in McAfee Network Security Management (NSM)

CVE-2017-3966 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.

Learn more about our Web App Pen Testing.