Vulnerability Description
RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability. A malicious Operations Console administrator could potentially exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface. When other Operations Console administrators open the affected page, the injected scripts could potentially be executed in their browser.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Rsa Authentication Manager | <= 7.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2018/Jun/39Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/104534Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041134Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Jun/39Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/104534Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041134Third Party AdvisoryVDB Entry
FAQ
What is CVE-2018-1253?
CVE-2018-1253 is a vulnerability with a CVSS score of 6.1 (MEDIUM). RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability. A malicious Operations Console administrator could potentially exploit ...
How severe is CVE-2018-1253?
CVE-2018-1253 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1253?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Authentication Manager.