CVE-2020-7336

Name of the Vulnerable Software and Affected Versions: McAfee Network Security Management (NSM) versions prior to 10.1.7.35 McAfee Network Security Management (NSM) 9.x versions prior to 9.2.9.55

Description: A Cross Site Request Forgery issue may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request. This could potentially impact the security of the network by allowing unauthorized changes to the configuration.

Recommendations: For versions prior to 10.1.7.35, update to version 10.1.7.35 or later to resolve the issue. For NSM 9.x versions prior to 9.2.9.55, update to version 9.2.9.55 or later to resolve the issue. As a temporary workaround, consider restricting access to the Network Security Manager to minimize the risk of exploitation.