Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIntelCVELIST:CVE-2017-3897
HistoryAug 31, 2017 - 12:00 a.m.

CVE-2017-3897

2017-08-3100:00:00
intel
www.cve.org

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.7%

JSON

A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.

CNA Affected

[
  {
    "product": "Live Safe",
    "vendor": "McAfee",
    "versions": [
      {
        "status": "affected",
        "version": "16.0.3"
      }
    ]
  },
  {
    "product": "Security Scan Plus",
    "vendor": "McAfee",
    "versions": [
      {
        "status": "affected",
        "version": "3.11.599.3"
      }
    ]
  }
]

Related

cve 1
exploitpack 1
prion 1
nessus 2
nvd 1
exploitdb 1
cve
cve
CVE-2017-3897
2017-09-01 13:29:00
exploitpack
exploitpack
McAfee Security Scan Plus - Remote Command Execution
2017-07-30 00:00:00
prion
prion
Code injection
2017-09-01 13:29:00
nessus
nessus
McAfee Security Scan Plus < 3.11.587.1 Protection Level UI Element Download MitM Command Execution (TS102714)
2017-08-10 00:00:00
McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)
2017-09-28 00:00:00
nvd
nvd
CVE-2017-3897
2017-09-01 13:29:00
exploitdb
exploitdb
McAfee Security Scan Plus - Remote Command Execution
2017-07-30 00:00:00

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.7%

JSON
Related for CVELIST:CVE-2017-3897
cve1exploitpack1prion1nessus2nvd1exploitdb1