PT-2018-10286 · Rsa · Emc Rsa Authentication Manager

Publicado

2018-09-28

Atualizado

2020-03-27

CVE-2018-11073

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions RSA Authentication Manager versions prior to 8.3 P3

Description The issue concerns a stored cross-site scripting vulnerability in the Operations Console of RSA Authentication Manager. This vulnerability could be exploited by a malicious Operations Console administrator to store arbitrary HTML or JavaScript code through the web interface. When other administrators access the affected page, the injected scripts could potentially be executed in their browser.

Recommendations For RSA Authentication Manager versions prior to 8.3 P3, update to version 8.3 P3 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-11073

Produtos afetados

Emc Rsa Authentication Manager

PT-2018-10286 · Rsa · Emc Rsa Authentication Manager

CVE-2018-11073

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5