Vulnerability Details CVE-2017-3962
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.9%
CVSS Severity
CVSS v3 Score 5.6
CVSS v2 Score 5.0
References
Products affected by CVE-2017-3962
-
cpe:2.3:a:mcafee:network_security_manager:6.1.15
-
cpe:2.3:a:mcafee:network_security_manager:6.1.15.38
-
cpe:2.3:a:mcafee:network_security_manager:6.1.15.39
-
cpe:2.3:a:mcafee:network_security_manager:7.1.15
-
cpe:2.3:a:mcafee:network_security_manager:7.1.15.6
-
cpe:2.3:a:mcafee:network_security_manager:7.1.15.7
-
cpe:2.3:a:mcafee:network_security_manager:7.1.5
-
cpe:2.3:a:mcafee:network_security_manager:7.1.5.14
-
cpe:2.3:a:mcafee:network_security_manager:7.1.5.15
-
cpe:2.3:a:mcafee:network_security_manager:7.5.5
-
cpe:2.3:a:mcafee:network_security_manager:7.5.5.8
-
cpe:2.3:a:mcafee:network_security_manager:7.5.5.9
-
cpe:2.3:a:mcafee:network_security_manager:8.1.7
-
cpe:2.3:a:mcafee:network_security_manager:8.1.7.2
-
cpe:2.3:a:mcafee:network_security_manager:8.1.7.3