CVE-2014-2390

Name of the Vulnerable Software and Affected Versions McAfee Network Security Manager (NSM) versions prior to 6.1.15.39 McAfee Network Security Manager (NSM) versions 7.1.5.x prior to 7.1.5.15 McAfee Network Security Manager (NSM) versions 7.1.15.x prior to 7.1.15.7 McAfee Network Security Manager (NSM) versions 7.5.x prior to 7.5.5.9 McAfee Network Security Manager (NSM) versions 8.x prior to 8.1.7.3

Description A cross-site request forgery (CSRF) issue in the User Management module allows remote attackers to hijack user authentication for requests that modify user accounts.

Recommendations For versions prior to 6.1.15.39, update to version 6.1.15.39 or later. For versions 7.1.5.x prior to 7.1.5.15, update to version 7.1.5.15 or later. For versions 7.1.15.x prior to 7.1.15.7, update to version 7.1.15.7 or later. For versions 7.5.x prior to 7.5.5.9, update to version 7.5.5.9 or later. For versions 8.x prior to 8.1.7.3, update to version 8.1.7.3 or later.