CVE-2016-2199

Name of the Vulnerable Software and Affected Versions McAfee Vulnerability Manager (MVM) versions prior to 7.5.10

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities found in the Organizations and Remediation management page in Enterprise Manager. These vulnerabilities could allow remote attackers to hijack the authentication of administrators for requests, although the specific impact of these requests is not detailed.

Recommendations For versions prior to 7.5.10, update to version 7.5.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the Organizations and Remediation management page in Enterprise Manager to minimize the risk of exploitation.