← volver
CVE-2018-1233

CVE-2018-1233

EPSS 1.1%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
30 mar 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website.
Productos afectados
Dell EMC · RSA Authentication Agent for Web for IIS, RSA Authentication Agent for Web for Apache Web Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2018/Mar/60http://www.securitytracker.com/id/1040577