McAfee Network Security Manager Information Disclosure Vulnerability

McAfee Network Security Manager is prone to an information-disclosure vulnerability because it fails to properly protect sensitive cookie data with the 'HTTPOnly' protection mechanism.

A successful exploit may allow attackers to steal cookie-based authentication credentials; information harvested may aid in further attacks.

This issue affects McAfee Network Security Manager 5.1.7.7; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus