CVE-2017-3966 is a vulnerability in McAfee Network Security Management
Published on April 4, 2018
SB10192 - Network Security Management (NSM) - Exploitation of session variables, resource IDs and other trusted credentials vulnerability
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.
Products Associated with CVE-2017-3966
Want to know whenever a new CVE is published for McAfee Network Security Management? stack.watch will email you.
Affected Versions
McAfee Network Security Management (NSM):- Version 8.2 and below 8.2.7.42.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.