CVE-2017-3969 HIGH

CVE-2017-3969: SB10192 - Network Security Management (NSM) - Abuse of communication channels vulnerability

Vendor Mcafee
Product Network Security Management (NSM)
Published April 4, 2018
Last update September 16, 2024

CVSS base score

8.2/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

What the vulnerability does

01Description

Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate implementation of SSL.

Key dates

02Disclosure timeline

April 4, 2018 CVE published
September 16, 2024 Record updated