emc rsa-authentication-manager CVE-2019-18574 in EMC and Rsa Products
Published on December 3, 2019

product logo product logo
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser.

NVD

Weakness Type

What is a XSS Vulnerability?

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2019-18574 has been classified to as a XSS vulnerability or weakness.


Products Associated with CVE-2019-18574

stack.watch emails you whenever new vulnerabilities are published in EMC Rsa Authentication Manager or Rsa Authentication Manager. Just hit a watch button to start following.

EMC Rsa Authentication Manager
 
Rsa Authentication Manager
 

Affected Versions

Dell RSA Authentication Manager:

Exploit Probability

EPSS
0.25%
Percentile
47.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.