CVE-2017-3961: SB10192 - Network Security Management (NSM) - Cross-Site Scripting (XSS) vulnerability
First published: Fri May 25 2018(Updated: )
Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Network Security Manager | <8.2.7.42.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-3961.
What is the severity rating of CVE-2017-3961?
CVE-2017-3961 has a severity rating of medium (5.4).
What is the impacted software for CVE-2017-3961?
The impacted software for CVE-2017-3961 is McAfee Network Security Manager version up to 8.2.7.42.2.
What is the CWE category for CVE-2017-3961?
The CWE category for CVE-2017-3961 is CWE-79 (Cross-Site Scripting).
How can I fix the Cross-Site Scripting (XSS) vulnerability in McAfee Network Security Manager?
To fix the Cross-Site Scripting (XSS) vulnerability in McAfee Network Security Manager, update to version 8.2.7.42.2 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/title
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/tags
- agent/description
- vendor/mcafee
- canonical/mcafee network security manager