CVE-2017-4014

EUVD-2017-13131
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
mcafeenetwork_data_loss_prevention
𝑥
≤ 9.3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1038523
https://kc.mcafee.com/corporate/index?page=content&id=SB10198
http://www.securitytracker.com/id/1038523
https://kc.mcafee.com/corporate/index?page=content&id=SB10198