PT-2018-7312 · Mcafee · Mcafee Network Security Management

Published

2018-06-12

Updated

2019-10-09

CVE-2017-3962

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: McAfee Network Security Management (NSM) versions prior to 8.2.7.42.2

Description: The issue concerns a password recovery exploitation vulnerability in the non-certificate-based authentication mechanism. This vulnerability allows attackers to crack user passwords via unsalted hashes.

Recommendations: For versions prior to 8.2.7.42.2, update to version 8.2.7.42.2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-916

Related Identifiers

CVE-2017-3962

Affected Products

Mcafee Network Security Management

PT-2018-7312 · Mcafee · Mcafee Network Security Management

CVE-2017-3962

Weakness Enumeration

Related Identifiers

Affected Products

References · 3