VYPR
Medium severity5.9NVD Advisory· Published Oct 31, 2017· Updated Jun 17, 2026

CVE-2017-3934

CVE-2017-3934

Description

Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver.

Affected products

2
  • cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*range: <=9.3.0
    • (no CPE)range: 9.3.X

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.