CVE: CVE-2017-4015

Export to Word

Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00224
Percentile: 0.4509

CVSS Scoring

CVSS v3.1 Score: 4.5

Severity: MEDIUM

Mapped CWE(s)

CWE-1021 : Improper Restriction of Rendered UI Layers or Frames

All CAPEC(s)

CAPEC-103: Clickjacking
CAPEC-181: Flash File Overlay
CAPEC-222: iFrame Overlay
CAPEC-504: Task Impersonation
CAPEC-506: Tapjacking
CAPEC-587: Cross Frame Scripting (XFS)
CAPEC-654: Credential Prompt Impersonation

CAPEC(s) with Mapped TTPs

CAPEC-504: Task Impersonation
Mapped TTPs:
- T1036.004 : Masquerade Task or Service
CAPEC-654: Credential Prompt Impersonation
Mapped TTPs:
- T1056 : Input Capture
- T1548.004 : Elevated Execution with Prompt

Mapped ATT&CK TTPs

T1036.004 : Masquerade Task or Service
Kill Chain: defense-evasion
T1056 : Input Capture
Kill Chain: collection
T1548.004 : Elevated Execution with Prompt
Kill Chain: privilege-escalation

Malware

APTs Threat Group Associations

Campaigns

APT41 DUST
SolarWinds Compromise
RedDelta Modified PlugX Infection Chain Operations
Versa Director Zero Day Exploitation
Frankenstein
Leviathan Australian Intrusions
C0017
2022 Ukraine Electric Power Attack
KV Botnet Activity

Affected Products

cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*

← Back to Home