CVE-2014-1473

Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of users for requests that modify HTML via unspecified vectors related to the "response web page."
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
mcafeevulnerability_manager
𝑥
≤ 7.5.5
mcafeevulnerability_manager
7.0.11
mcafeevulnerability_manager
7.5.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/101939
http://secunia.com/advisories/56394
http://www.securityfocus.com/bid/64795
http://www.securitytracker.com/id/1029591
https://exchange.xforce.ibmcloud.com/vulnerabilities/90245
https://kc.mcafee.com/corporate/index?page=content&id=SB10061
http://osvdb.org/101939
http://secunia.com/advisories/56394
http://www.securityfocus.com/bid/64795
http://www.securitytracker.com/id/1029591
https://exchange.xforce.ibmcloud.com/vulnerabilities/90245
https://kc.mcafee.com/corporate/index?page=content&id=SB10061