CVE-2018-11075 in EMC and Rsa Products
Published on September 28, 2018
DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities
RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. A remote, unauthenticated malicious user, with the knowledge of a target user's anti-CSRF token, could potentially exploit this vulnerability by tricking a victim Security Console user to supply malicious HTML or JavaScript code to the vulnerable web application, which code is then executed by the victim's web browser in the context of the vulnerable web application.
Products Associated with CVE-2018-11075
stack.watch emails you whenever new vulnerabilities are published in EMC Rsa Authentication Manager or Rsa Authentication Manager. Just hit a watch button to start following.
Affected Versions
RSA Authentication Manager:- Version unspecified and below 8.3 P3 is affected.
Exploit Probability
EPSS
0.81%
Percentile
73.99%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.