Twenty Year Anniversary

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting
Posted Oct 27, 2017
Site emc.com

RSA Authentication Manager version 8.2 SP1 Patch 5 contains a fix for a reflected cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, xss
advisories | CVE-2017-14373
MD5 | 21fceb4b6c9ad9829894a924c629d3d0

RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

ESA-2017-134: RSA(r) Authentication Manager Security Update for Reflected Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2017-134

CVE Identifier: CVE-2017-14373

Severity Rating: CVSSv3: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:
RSA Authentication Manager 8.2 SP1 P4 and earlier

Summary:
RSA Authentication Manager 8.2 SP1 Patch 5 contains a fix for a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Details:
The RSA Authentication Manager Security Console is affected by a reflected cross-site scripting vulnerability via an argument in the HTTP POST request. Attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the users browser session in the context of the affected RSA Authentication Manager application.

Recommendation:
The following RSA Authentication Manager release contains a resolution for this vulnerability:
RSA Authentication Manager 8.2 SP1 Patch 5 and later

RSA recommends all customers upgrade at the earliest opportunity.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZ6e0VAAoJEHbcu+fsE81Z1eoH/iselhrcUm2pJ8N0Sxt3l5bl
ZcF8AfR7fNVV41EAf5kmxYKX6Uv7or5DzSHUa/bIhJu/bKGOQJcOewk/qxEKhhKe
idI64cXcBS4RLH0HPv9nmaOUPHKsmQIjIbXHFdod4jcRtAEX2PcRYsC8+3P8ZFtJ
tEV0y8OGFYblxVGDrAE/mdJOW/0OPweXaUzlDdnxz85BZRgOTGyEzncSs90ysEpM
fTZxozgbePJ2x4Phr4DCWhAL/Q+LETDYB3XqiRRyixw+fGzvMGBWUTOEMVmNonm0
ACyPz+E6VJ+GwNfX24NPTkxuHv37yFV8mtkReNstVsgheUoGB5XNuPYAMI2Zy9A=
=VgMU
-----END PGP SIGNATURE-----


Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    1 Files
  • 22
    Jul 22nd
    1 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close