CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-3933

Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

http://www.securityfocus.com/bid/101628
https://kc.mcafee.com/corporate/index?page=content&id=SB10198
http://www.securityfocus.com/bid/101628
https://kc.mcafee.com/corporate/index?page=content&id=SB10198

Products affected by CVE-2017-3933

Mcafee » Network Data Loss Prevention » Version: 9.3.0

cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.0
Mcafee » Network Data Loss Prevention » Version: 9.3.1

cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.1
Mcafee » Network Data Loss Prevention » Version: 9.3.2

cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.2
Mcafee » Network Data Loss Prevention » Version: 9.3.3

cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.3
Mcafee » Network Data Loss Prevention » Version: 9.3.4

cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3933

Products

Pricing

Contact Us