Multiple CSRF Vulnerabilities in McAfee Vulnerability Manager Affecting Administrators
CVE-2015-7612

Currently unrated

Key Information:

Vendor: Mcafee
Status: Vulnerability Manager
Vendor: CVE Published:; 1 October 2015

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities have been identified in the Organizations page of McAfee Vulnerability Manager, specifically in versions prior to 7.5.9. These vulnerabilities enable remote attackers to exploit the application and hijack the authentication credentials of administrators. Exploiting these flaws allows attackers to execute unauthorized requests due to insufficient verification of user requests, potentially leading to significant implications for the security of the targeted system.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033682

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 1, 2015