PT-2016-4478 · Emc · Rsa Adaptive Authentication
Publicado
2016-09-21
·
Atualizado
2017-07-30
·
CVE-2016-0925
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
EMC RSA Adaptive Authentication (On-Premise) versions prior to 6.0.2.1.SP3.P4 HF210
EMC RSA Adaptive Authentication (On-Premise) versions 7.0.x through 7.1.x before 7.1.0.0.SP0.P6 HF50
EMC RSA Adaptive Authentication (On-Premise) versions 7.2.x before 7.2.0.0.SP0.P0 HF20
Description
A cross-site scripting (XSS) issue exists in the Case Management application, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For versions prior to 6.0.2.1.SP3.P4 HF210, update to version 6.0.2.1.SP3.P4 HF210 or later.
For versions 7.0.x through 7.1.x before 7.1.0.0.SP0.P6 HF50, update to version 7.1.0.0.SP0.P6 HF50 or later.
For versions 7.2.x before 7.2.0.0.SP0.P0 HF20, update to version 7.2.0.0.SP0.P0 HF20 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Rsa Adaptive Authentication