CVE-2013-0942

Description

Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Related CPE's

aemcrsa_authentication_agent7.1*******

amicrosoftinternet_information_server********

aemcrsa_authentication_agent7.1*******

aapachehttp_server********

References

20130510 ESA-2013-031: RSA Authentication Agent Cross-Site Scripting (XSS) Vulnerability

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

4.300000190734863

Created by Yello
About Severity.io