cvelist/2017/3xxx/CVE-2017-3967.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@mcafee.com",
        "DATE_PUBLIC": "2017-03-29T17:00:00.000Z",
        "ID": "CVE-2017-3967",
        "STATE": "PUBLIC",
        "TITLE": "SB10192 - Network Security Management (NSM) - Target influence via framing vulnerability"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Network Security Management (NSM)",
                                "version": {
                                    "version_data": [
                                        {
                                            "affected": "<",
                                            "version_name": "8.2",
                                            "version_value": "8.2.7.42.2"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "McAfee"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames."
            }
        ]
    },
    "impact": {
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Target influence via framing vulnerability"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192",
                "refsource": "CONFIRM",
                "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192"
            }
        ]
    },
    "source": {
        "advisory": "SB10192",
        "discovery": "EXTERNAL"
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 05:16:21 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@mcafee.com",`
			`"DATE_PUBLIC": "2017-03-29T17:00:00.000Z",`
			`"ID": "CVE-2017-3967",`
			`"STATE": "PUBLIC",`
			`"TITLE": "SB10192 - Network Security Management (NSM) - Target influence via framing vulnerability"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Network Security Management (NSM)",`
			`"version": {`
			`"version_data": [`
			`{`
			`"affected": "<",`
			`"version_name": "8.2",`
			`"version_value": "8.2.7.42.2"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "McAfee"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
Update CVE-2017-3967.json Sb10192 2018-04-03 16:21:04 -05:00			`{`
"-Synchronized-Data." 2019-03-18 05:16:21 +00:00			`"lang": "eng",`
			`"value": "Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames."`
Update CVE-2017-3967.json Sb10192 2018-04-03 16:21:04 -05:00			`}`
"-Synchronized-Data." 2019-03-18 05:16:21 +00:00			`]`
			`},`
			`"impact": {`
			`"cvss": {`
			`"attackComplexity": "LOW",`
			`"attackVector": "NETWORK",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 6.1,`
			`"baseSeverity": "MEDIUM",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "HIGH",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "REQUIRED",`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H",`
			`"version": "3.0"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Target influence via framing vulnerability"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192",`
			`"refsource": "CONFIRM",`
			`"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192"`
			`}`
			`]`
			`},`
			`"source": {`
			`"advisory": "SB10192",`
			`"discovery": "EXTERNAL"`
			`}`
			`}`