CVE-2014-1473: CSRF
First published: Thu Jan 16 2014(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of users for requests that modify HTML via unspecified vectors related to the "response web page."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Vulnerability Manager | <=7.5.5 | |
| McAfee Vulnerability Manager | =7.0.11 | |
| McAfee Vulnerability Manager | =7.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-1473?
CVE-2014-1473 has been rated with a medium severity level due to its potential impact on user authentication.
How do I fix CVE-2014-1473?
The recommended fix for CVE-2014-1473 is to upgrade to McAfee Vulnerability Manager version 7.5.6 or a later version.
Who is affected by CVE-2014-1473?
CVE-2014-1473 affects users of McAfee Vulnerability Manager 7.5.5 and earlier versions.
What type of vulnerability is CVE-2014-1473?
CVE-2014-1473 is a cross-site request forgery (CSRF) vulnerability that can allow remote attackers to hijack user authentication.
What are the consequences of CVE-2014-1473?
Exploitation of CVE-2014-1473 can lead to unauthorized actions being performed on behalf of authenticated users, potentially compromising sensitive data.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/mcafee
- canonical/mcafee vulnerability manager
- version/mcafee vulnerability manager/7.5.5
- version/mcafee vulnerability manager/7.0.11
- version/mcafee vulnerability manager/7.5.4