DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities

RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. A malicious Operations Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface. When other Operations Console administrators open the affected page, the injected scripts could potentially be executed in their browser.

N/A

N/A

Dell EMC RSA Authentication Manager Operations Console 跨站脚本漏洞

Dell EMC RSA Authentication Manager是美国戴尔（Dell）公司的一套集中式二元身份认证软件。该软件可跨物理站点集中管理二元身份认证、安全令牌、方法和用户等。Operations Console是其中的一个操作控制台程序。 Dell EMC RSA Authentication Manager 8.3 P3之前版本中的Operations Console存在跨站脚本漏洞。远程攻击者可借助Web界面利用该漏洞存储任意的HTML或JavaScript代码，进而在用户浏览器中执行

N/A

N/A