Lucene search
HistoryApr 04, 2014 - 3:09 p.m.
CVE-2014-0637
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
50.8%
Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
emcrsa_adaptive_authentication_on-premiseMatch6.0
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch2
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch3
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2_patch1
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp3
ORemcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp3_p3
ORemcrsa_adaptive_authentication_on-premiseMatch7.0
ORemcrsa_adaptive_authentication_on-premiseMatch7.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| emc | rsa_adaptive_authentication_on-premise | 6.0 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0:*:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:*:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch2:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch3:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2_patch1:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3_p3:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 7.0 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.0:*:*:*:*:*:*:* |
| emc | rsa_adaptive_authentication_on-premise | 7.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:7.1:*:*:*:*:*:*:* |
Related
seebug
seebug
RSA Adaptive Authentication (On-Premise)跨站脚本漏洞
2014-04-04 00:00:00
prion
prion
Cross site scripting
2014-04-04 15:09:00
cve
cve
CVE-2014-0637
2014-04-04 15:09:05
cvelist
cvelist
CVE-2014-0637
2014-04-04 15:00:00
securityvulns
securityvulns
ESA-2014-020: RSA Adaptive Authentication (On-Premise) Multiple Vulnerabilities
2014-04-07 00:00:00
EMC RSA Adaptive Authentication security vulnerabilities
2014-04-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
50.8%
Related for NVD:CVE-2014-0637