Vulnerability Details CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.2%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References