CVE-2016-2199

HIGH

McAfee Vulnerability Manager < 7.5.9 - Cross-Site Request Forgery in Organizations and Remediation Management Page

Title source: llm

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10147

Scores

CVSS v3 8.8

EPSS 0.0012

EPSS Percentile 30.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (1)

mcafee/vulnerability_manager < 7.5.9

Published Feb 01, 2016

Tracked Since Feb 18, 2026