PT-2018-11125 · Rsa · Rsa Authentication Agent

Published

2018-03-30

Updated

2018-04-20

CVE-2018-1233

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions RSA Authentication Agent versions 8.0.1 and earlier for Web for both IIS and Apache Web Server

Description The issue allows attackers to execute arbitrary HTML or JavaScript code in the user's browser session, potentially leading to the exploitation of a cross-site scripting vulnerability. This could be done in the context of the affected website.

Recommendations For RSA Authentication Agent versions 8.0.1 and earlier, update to a version later than 8.0.1 to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2018-1233

Affected Products

Rsa Authentication Agent

PT-2018-11125 · Rsa · Rsa Authentication Agent

CVE-2018-1233

Weakness Enumeration

Related Identifiers

Affected Products

References · 4