Reflected XSS Vulnerability in Security Analytics Web UI
1466
04 May 2021
20 November 2018
CLOSED
MEDIUM
6.1
SUMMARY
The Symantec Security Analytics (SA) Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.
AFFECTED PRODUCTS
| Security Analytics (SA) | ||
|---|---|---|
| CVE | Supported Version(s) | Remediation |
| CVE-2018-12241 | 7.3 and earlier | Upgrade to 7.3.4. |
| 8.0 | Not vulnerable, fixed. | |
ISSUES
| CVE-2018-12241 | |
|---|---|
| Severity / CVSSv3 | Medium / 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) |
| References | SecurityFocus: BID 105965 / NVD: CVE-2018-12241 |
| Impact | Cross-site scripting (XSS) |
| Description | A reflected cross-site scripting (XSS) vulnerability in the Security Analytics (SA) web UI allows a remote attacker with knowledge of the SA web UI hostname or IP address to craft a URL for the SA web UI and target SA web UI users with phishing attacks and other social engineering techniques. A successful attack allows injecting malicious JavaScript code in the SA web UI client application running in the user's web browser. |
ACKNOWLEDGEMENTS
- CVE-2018-12241: Mohammed Shameem (@_M_Shahnawaz, https://www.linkedin.com/in/mohdshameem36)
REVISION
2018-11-21 Added SecurityFocus BID number.
2018-11-20 initial public release