CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-0638

Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2014-04/0007.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0007.html

Products affected by CVE-2014-0638

Emc » Rsa Adaptive Authentication On-Premise » Version: 6.0

cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0
Emc » Rsa Adaptive Authentication On-Premise » Version: 6.0.2.1

cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1
Emc » Rsa Adaptive Authentication On-Premise » Version: 7.0

cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.0
Emc » Rsa Adaptive Authentication On-Premise » Version: 7.1

cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0638

Products

Pricing

Contact Us