CVEs-PoC/2017/CVE-2017-3966.md

### [CVE-2017-3966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3966)
![](https://img.shields.io/static/v1?label=Product&message=Network%20Security%20Management%20(NSM)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=8.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Exploitation%20of%20session%20variables%2C%20resource%20IDs%20and%20other%20trusted%20credentials%20vulnerability&color=brightgreen)

### Description

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10192

#### Github
No PoCs found on GitHub currently.