PT-2018-7321 · Mcafee · Mcafee Network Security Management

Published

2018-04-03

Updated

2019-10-09

CVE-2017-3972

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: McAfee Network Security Management (NSM) versions prior to 8.2.7.42.2

Description: A vulnerability in the web interface of McAfee Network Security Management (NSM) allows attackers to execute arbitrary code. This is due to the server banner leaking potentially sensitive or security-relevant information.

Recommendations: For versions prior to 8.2.7.42.2, update to version 8.2.7.42.2 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-3972

Affected Products

Mcafee Network Security Management

PT-2018-7321 · Mcafee · Mcafee Network Security Management

CVE-2017-3972

Weakness Enumeration

Related Identifiers

Affected Products

References · 3