CVE-2019-18574

Name of the Vulnerable Software and Affected Versions RSA Authentication Manager software versions prior to 8.4 P8

Description The issue concerns a stored cross-site scripting vulnerability in the Security Console of the RSA Authentication Manager software. This vulnerability could be exploited by a malicious Security Console administrator to store arbitrary HTML or JavaScript code through the web interface, which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser.

Recommendations For versions prior to 8.4 P8, update to version 8.4 P8 or later to resolve the issue.