← back
CVE-2017-3967

SB10192 - Network Security Management (NSM) - Target influence via framing vulnerability

CVSS 6.1 MEDIUMEPSS 0.7%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.1EPSS 0.7%KEV nãoPoC Patch
Lifecycle
04 Apr 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames.
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H
Affected products
McAfee · Network Security Management (NSM)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10192