Cross-site scripting in RSA Authentication Manager



Published: 2020-04-15 | Updated: 2020-08-08
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-5346
CWE-ID CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		RSA Authentication Manager
Web applications / Remote management & hosting panels

Vendor RSA

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cross-site scripting

EUVDB-ID: #VU34461

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-5346

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote privileged user to read and manipulate data.

RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators open the affected page, the injected scripts could potentially be executed in their browser.

Mitigation

Install update from vendor's website.

Vulnerable software versions

RSA Authentication Manager: 8.4

External links

http://www.dell.com/support/security/en-us/details/DOC-111347/DSA-2020-066-RSA%C2%AE-Authentication-Manager-Stored-Cross-Site-Scripting


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###