Description
Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10192
Scores
CVSS v3
8.2
EPSS
0.0007
EPSS Percentile
20.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Details
CWE
CWE-326
Status
published
Products (1)
mcafee/network_security_manager
< 8.2.7.42.2
Published
Apr 04, 2018
Tracked Since
Feb 18, 2026