CVE-2017-3966

Name of the Vulnerable Software and Affected Versions: McAfee Network Security Management (NSM) versions prior to 8.2.7.42.2

Description: The issue concerns the exploitation of session variables, resource IDs, and other trusted credentials in the web interface. This allows remote attackers to harm a user's browser by reusing the exposed session token in the application URL.

Recommendations: For versions prior to 8.2.7.42.2, update to version 8.2.7.42.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation. Avoid reusing session tokens in application URLs until the issue is resolved.