CVE-2019-3602 : Vulnerability Insights and Analysis

An authenticated administrator of McAfee Network Security Manager (NSM) version before 9.1 Update 5 can encounter a Cross Site Scripting (XSS) vulnerability when embedding specially crafted HTML code in a custom rule.

Understanding CVE-2019-3602

This CVE involves a Cross Site Scripting vulnerability in McAfee NSM affecting authenticated users.

What is CVE-2019-3602?

CVE-2019-3602 is a Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) version prior to 9.1 Update 5, allowing an authenticated administrator to insert XSS via a custom rule.

The Impact of CVE-2019-3602

The vulnerability has a CVSS base score of 4.8 (Medium severity) with low impacts on confidentiality and integrity. It requires high privileges and user interaction.

Technical Details of CVE-2019-3602

This section provides detailed technical information about the CVE.

Vulnerability Description

An authenticated admin of McAfee NSM pre-9.1 Update 5 can exploit XSS via crafted HTML in a custom rule.

Affected Systems and Versions

Product: McAfee Network Security Manager (NSM)
Vendor: McAfee, LLC
Versions Affected: < 9.1 Update 5 (9.1.7.77)

Exploitation Mechanism

Attack Complexity: Low
Attack Vector: Network
Privileges Required: High
User Interaction: Required
Scope: Changed
Vector String: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Mitigation and Prevention

Protect your systems from CVE-2019-3602 with the following steps:

Immediate Steps to Take

Update McAfee NSM to version 9.1 Update 5 or later.
Monitor and restrict administrator access to prevent unauthorized rule modifications.

Long-Term Security Practices

Regularly review and update security policies and configurations.
Educate administrators on secure coding practices and the risks of XSS vulnerabilities.

Patching and Updates

Apply security patches and updates promptly to mitigate known vulnerabilities.