CVE-2017-3971: Weak Encryption
First published: Wed Apr 04 2018(Updated: )
Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Network Security Manager | <8.2.7.42.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2017-3971?
CVE-2017-3971 is a cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before version 8.2.7.42.2.
How does CVE-2017-3971 affect McAfee Network Security Management?
CVE-2017-3971 allows attackers to view confidential information through insecure use of RC4 encryption cyphers in the web interface of McAfee Network Security Management before version 8.2.7.42.2.
What is the severity of CVE-2017-3971?
The severity of CVE-2017-3971 is high with a CVSS score of 6.5.
How can I fix CVE-2017-3971?
To fix CVE-2017-3971, it is recommended to update McAfee Network Security Management to version 8.2.7.42.2 or later.
Where can I find more information about CVE-2017-3971?
You can find more information about CVE-2017-3971 on the official McAfee website: https://kc.mcafee.com/corporate/index?page=content&id=SB10192
- collector/nvd-index
- vendor/mcafee
- canonical/mcafee network security manager