CVE-2017-3972: SB10192 - Network Security Management (NSM) - Infrastructure-based foot printing vulnerability
First published: Tue Apr 03 2018(Updated: )
Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Network Security Manager | <8.2.7.42.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2017-3972?
CVE-2017-3972 is an infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2.
How does CVE-2017-3972 affect McAfee Network Security Manager?
CVE-2017-3972 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information.
What is the severity of CVE-2017-3972?
CVE-2017-3972 has a severity rating of critical (9.8).
How can I fix CVE-2017-3972?
To fix CVE-2017-3972, upgrade to McAfee Network Security Manager version 8.2.7.42.2 or later.
Where can I find more information about CVE-2017-3972?
You can find more information about CVE-2017-3972 at the following link: https://kc.mcafee.com/corporate/index?page=content&id=SB10192.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/mcafee
- canonical/mcafee network security manager