N/A

Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors.

N/A

N/A

McAfee Vulnerability Manager Enterprise Manager组件跨站请求伪造漏洞

McAfee Vulnerability Manager（MVM）是美国迈克菲（McAfee）公司的一套安全风险管理解决方案。该方案能够快速扫描网络中的漏洞及区分漏洞优先级，并进行评估，进而反映网络上所有资产的合规状态。 MVM 7.5.10之前版本的Enterprise Manager组件中的Organizations and Remediation管理页面中存在跨站请求伪造漏洞。远程攻击者可通过修改HTTP请求利用该漏洞执行未授权操作。

N/A

N/A