CVE-2017-3964 LOW

CVE-2017-3964: SB10192 - Network Security Management (NSM) - Reflective Cross-Site Scripting (XSS) vulnerability

Vendor Mcafee
Product Network Security Management (NSM)
Published April 4, 2018
Last update September 17, 2024

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter.

Key dates

02Disclosure timeline

April 4, 2018 CVE published
September 17, 2024 Record updated