CVE-2014-2390

medium

Trellix

CVSS v3 Base Score

6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS Score

0.1%

Exploitation probability in 30 days

Top 72% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

Availability

Published: August 29, 2014 (4276 days ago)

Last Modified: May 6, 2026

Vendor: Trellix

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before 7.5.5.9, and 8.x before 8.1.7.3 allows remote attackers to hijack the authentication of users for requests that modify user accounts via unspecified vectors.

CWE

CWE-352

Affected Products

mcafee network security manager

References

🔗 www.securitytracker.com 🔗 kc.mcafee.com 🔗 www.securitytracker.com 🔗 kc.mcafee.com

CVE-2014-2390

Vulnerability Report

Description

CWE

Affected Products

References