Vulnerabilities > Mcafee > Network Security Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2017-3966 Insufficient Session Expiration vulnerability in Mcafee Network Security Manager
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.
network
low complexity
mcafee CWE-613
6.3
2018-04-04 CVE-2017-3964 Cross-site Scripting vulnerability in Mcafee Network Security Manager
Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter.
network
low complexity
mcafee CWE-79
5.4