RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability. This could allow a remote attacker to potentially poison HTTP cache and subsequently redirect users to arbitrary web domains.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/May/18 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/104113 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040835 | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2018/May/18 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/104113 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040835 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2018/May/18 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/104113 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1040835 - Third Party Advisory, VDB Entry |
Information
Published : 2018-05-08 13:29
Updated : 2024-11-21 03:59
NVD link : CVE-2018-1248
Mitre link : CVE-2018-1248
CVE.ORG link : CVE-2018-1248
JSON object : View
Products Affected
rsa
- authentication_manager
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')