12 matches found
EUVD-2017-13085
Malware in sbrugna...
Cross site scripting
Cross site scripting vulnerability in McAfee Network Security Management NSM Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors...
CVE-2019-3602 Cross site scripting vulnerability in McAfee NSM impacting authenticated users
Cross Site Scripting XSS vulnerability in McAfee Network Security Manager NSM Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML...
CVE-2019-3606
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management NSM 9.1 9.1.7.75 Update 4 and 9.2 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands...
Design/Logic Flaw
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management NSM 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface...
Design/Logic Flaw
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...
CVE-2017-3962
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...
CVE-2017-3960
The CVE-2017-3960 entry relates to McAfee Network Security Management (NSM) web interface: an authorization vulnerability that lets authenticated users gain elevated privileges via a crafted HTTP request parameter. Affected product: NSM web interface prior to version 8.2.7.42.2. Root cause: impro...
CVE-2017-3962 McAfee Network Security Management (NSM) - Password recovery exploitation vulnerability
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...
Design/Logic Flaw
Abuse of communication channels vulnerability in the server in McAfee Network Security Management NSM before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate implementation of SSL...
CVE-2017-3964 SB10192 - Network Security Management (NSM) - Reflective Cross-Site Scripting (XSS) vulnerability
Reflective Cross-Site Scripting XSS vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter...
McAfee Network Security Manager Bypass / Hijack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 SecureWorks Security Advisory SWRX-2009-002 McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerability Advisory Information Title: McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerabili...