High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-12	CVE-2017-3960	Unspecified vulnerability in Mcafee Network Security Manager Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter. network low complexity mcafee	8.8
2018-04-04	CVE-2017-3965	Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Security Manager Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs. network low complexity mcafee CWE-352	8.8