CSRF in Mcafee Vulnerability_manager
CVE-2014-1473
Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of users for requests that modify HTML via uns…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.007 (48.3th percentile) — read the EPSS interpretation.
Affected products
- Mcafee Vulnerability_manager — versions 7.0.11, 7.5.4
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)