CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1233

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.5%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://seclists.org/fulldisclosure/2018/Mar/60
http://www.securitytracker.com/id/1040577
http://seclists.org/fulldisclosure/2018/Mar/60
http://www.securitytracker.com/id/1040577

Products affected by CVE-2018-1233

Rsa » Authentication Agent For Web » Version: 8.0

cpe:2.3:a:rsa:authentication_agent_for_web:8.0
Rsa » Authentication Agent For Web » Version: 8.0.1

cpe:2.3:a:rsa:authentication_agent_for_web:8.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1233

Products

Pricing

Contact Us