CVE-2018-1253 | THREATINT

Description

RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability. A malicious Operations Console administrator could potentially exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface. When other Operations Console administrators open the affected page, the injected scripts could potentially be executed in their browser.

PUBLISHED Reserved 2017-12-06 | Published 2018-06-21 | Updated 2024-09-17 | Assigner dell

MEDIUM: 6.5CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Problem types

xss vulnerability

Product status

Any version before 8.3 P1

affected

References

www.securityfocus.com/bid/104534 (104534) vdb-entry

www.securitytracker.com/id/1041134 (1041134) vdb-entry

seclists.org/fulldisclosure/2018/Jun/39 (20180612 DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities) mailing-list

www.securityfocus.com/bid/104534 (104534) vdb-entry

www.securitytracker.com/id/1041134 (1041134) vdb-entry

seclists.org/fulldisclosure/2018/Jun/39 (20180612 DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities) mailing-list

cve.org (CVE-2018-1253)

nvd.nist.gov (CVE-2018-1253)

Download JSON