Vulnerabilities > Mcafee > Network Security Management

DATE CVE VULNERABILITY TITLE RISK
2021-01-05 CVE-2020-7336 Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Security Management 10.0/10.1.7.7/9.0
Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request.
network
low complexity
mcafee CWE-352
6.5
2020-07-03 CVE-2020-7284 Information Exposure vulnerability in Mcafee Network Security Management 10.0/9.0
Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).
local
low complexity
mcafee CWE-200
7.8