Twenty Year Anniversary

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting
Posted Oct 27, 2017
Site emc.com

RSA Authentication Manager version 8.2 SP1 Patch 5 contains a fix for a reflected cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, xss
advisories | CVE-2017-14373
MD5 | 21fceb4b6c9ad9829894a924c629d3d0

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

ESA-2017-134: RSA(r) Authentication Manager Security Update for Reflected Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2017-134

CVE Identifier: CVE-2017-14373

Severity Rating: CVSSv3: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:
RSA Authentication Manager 8.2 SP1 P4 and earlier

Summary:
RSA Authentication Manager 8.2 SP1 Patch 5 contains a fix for a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Details:
The RSA Authentication Manager Security Console is affected by a reflected cross-site scripting vulnerability via an argument in the HTTP POST request. Attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the users browser session in the context of the affected RSA Authentication Manager application.

Recommendation:
The following RSA Authentication Manager release contains a resolution for this vulnerability:
RSA Authentication Manager 8.2 SP1 Patch 5 and later

RSA recommends all customers upgrade at the earliest opportunity.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZ6e0VAAoJEHbcu+fsE81Z1eoH/iselhrcUm2pJ8N0Sxt3l5bl
ZcF8AfR7fNVV41EAf5kmxYKX6Uv7or5DzSHUa/bIhJu/bKGOQJcOewk/qxEKhhKe
idI64cXcBS4RLH0HPv9nmaOUPHKsmQIjIbXHFdod4jcRtAEX2PcRYsC8+3P8ZFtJ
tEV0y8OGFYblxVGDrAE/mdJOW/0OPweXaUzlDdnxz85BZRgOTGyEzncSs90ysEpM
fTZxozgbePJ2x4Phr4DCWhAL/Q+LETDYB3XqiRRyixw+fGzvMGBWUTOEMVmNonm0
ACyPz+E6VJ+GwNfX24NPTkxuHv37yFV8mtkReNstVsgheUoGB5XNuPYAMI2Zy9A=
=VgMU
-----END PGP SIGNATURE-----


Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close