Mcafee: >> Network Data Loss Prevention >> 9.3.4 Security Vulnerabilities
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive information or manipulate the database via a crafted authentication cookie.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-06-13
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-10-31