CVE-2020-7336

Network Security Management (NSM) - Cross Site Request Forgery vulnerability

CVSS 6.6 MEDIUMEPSS 0.5%CWE-352

Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H

Productos afectados

McAfee · Network Security Management (NSM)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://kc.mcafee.com/corporate/index?page=content&id=SB10341