CVE-2020-7336

Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:network_security_management:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:network_security_management:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
CVSS v2 : 4.3
v3 : 6.5
v2 : 4.3
v3 : 6.6
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10341 - Broken Link () https://kc.mcafee.com/corporate/index?page=content&id=SB10341 - Broken Link

16 Nov 2023, 02:48

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10341 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10341 - Broken Link
CWE CWE-352

07 Nov 2023, 03:26

Type Values Removed Values Added
CWE CWE-352
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10341 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10341 -

Information

Published : 2021-01-05 23:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7336

Mitre link : CVE-2020-7336

CVE.ORG link : CVE-2020-7336


JSON object : View

Products Affected

mcafee

  • network_security_management
CWE
CWE-352

Cross-Site Request Forgery (CSRF)