Update CVE-2017-3967.json

Sb10192
2025-05-31 18:51:46 +00:00 · 2018-04-03 16:21:04 -05:00 · 2018-04-03 16:21:04 -05:00 · b0ffb8d4e1
commit b0ffb8d4e1
parent 3de98c2f7f
1 changed files with 77 additions and 11 deletions
--- a/2017/3xxx/CVE-2017-3967.json
+++ b/2017/3xxx/CVE-2017-3967.json
@ -1,18 +1,84 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2017-3967",
-      "STATE" : "RESERVED"
+   "CVE_data_meta": {
+      "ASSIGNER": "psirt@mcafee.com",
+      "DATE_PUBLIC": "2017-03-29T17:00:00.000Z",
+      "ID": "CVE-2017-3967",
+      "STATE": "PUBLIC",
+      "TITLE": "SB10192 - Network Security Management (NSM) - Target influence via framing vulnerability"
   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
+   "affects": {
+      "vendor": {
+         "vendor_data": [
+            {
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "Network Security Management (NSM)",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "affected": "<",
+                                 "version_name": "8.2",
+                                 "version_value": "8.2.7.42.2"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name": "McAfee"
+            }
+         ]
+      }
+   },
+   "data_format": "MITRE",
+   "data_type": "CVE",
+   "data_version": "4.0",
+   "description": {
+      "description_data": [
         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            "lang": "eng",
+            "value": "Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames."
         }
      ]
+   },
+   "impact": {
+      "cvss": {
+         "attackComplexity": "LOW",
+         "attackVector": "NETWORK",
+         "availabilityImpact": "HIGH",
+         "baseScore": 6.1,
+         "baseSeverity": "MEDIUM",
+         "confidentialityImpact": "NONE",
+         "integrityImpact": "HIGH",
+         "privilegesRequired": "HIGH",
+         "scope": "UNCHANGED",
+         "userInteraction": "REQUIRED",
+         "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H",
+         "version": "3.0"
+      }
+   },
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng",
+                  "value": "Target influence via framing vulnerability"
+               }
+            ]
+         }
+      ]
+   },
+   "references": {
+      "reference_data": [
+         {
+            "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192"
+         }
+      ]
+   },
+   "source": {
+      "advisory": "SB10192",
+      "discovery": "EXTERNAL"
   }
 }