![]() ![]() By importing an XML file with malicious XML code to the application, it is possible to exploit a blind The Security Console of the RSA Authentication Manager allows authenticated users to import SecurID Token jobs in XML format. Proof Of Concept 1) XML External Entity Injection (XXE) (CVE-2018-1247) Two further issues affecting other third party components are not yet fixed, as the third party vendor did not supply a patch to RSA yet. This issue has been fixed by RSA as described in the advisory DSA-2018-082. One of the affected components is PopCalendarX which has an assigned CVE (CVE-2017-9072). The identified issues exist in third party components. This issue can be exploited to cause reflected cross-site scripting. Several client-side scripts handle user supplied data with insufficient validation before storing it in the DOM. The vulnerability exists in a third party component called pmfso. Once the victim clicks a malicious link the attacker’s code is executed in the context of the victim’s web browser. With reflected cross-site scripting, an attacker can inject arbitrary HTML or JavaScript code into the victim’s web browser. This leads to a reflected cross-site scripting vulnerability. ![]() The vulnerable flash file does not filter or escape the user input sufficiently. This issue has been fixed by RSA as described in the advisory DSA-2018-086 ( ). The used XML parser is resolving XML external entities which allows an authenticated attacker (or an attacker that is able to trick an authenticated user into importing malicious XML files) to read files, send requests to systems on the internal network (e.g port scanning) or cause a DoS (e.g. Vulnerability Overview/ Description 1) XML External Entity Injection (XXE) (CVE-2018-1247) SEC Consult recommends to apply the available patches from the vendor. In addition to this, clients of the RSA Authentication manager can be affected by exploiting client-side issues. With RSA’s award-winning products, organizations effectively detect, investigate, and respond to advanced attacks confirm and manage identities and ultimately, reduce IP theft, fraud, and cybercrime.”īy exploiting the vulnerabilities documented in this advisory an attacker can obtain sensitive information from the RSA Authentication Manager file system, initiate arbitrary TCP connections or cause DoS. ![]() “RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |