Reflected XSS Vulnerability in Security Analytics Web UI

1466

04 May 2021

20 November 2018

CLOSED

MEDIUM

6.1

SUMMARY

The Symantec Security Analytics (SA) Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.

AFFECTED PRODUCTS

Security Analytics (SA)

CVE             Supported Version(s)   Remediation
CVE-2018-12241  7.3 and earlier        Upgrade to 7.3.4.
                8.0                    Not vulnerable, fixed.

ISSUES

CVE-2018-12241

Severity / CVSSv3:  Medium / 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
References:         SecurityFocus: BID 105965 / NVD: CVE-2018-12241
Impact:             Cross-site scripting (XSS)
Description:        A reflected cross-site scripting (XSS) vulnerability in the Security Analytics (SA) web UI allows a remote attacker with knowledge of the SA web UI hostname or IP address to craft a URL for the SA web UI and target SA web UI users with phishing attacks and other social engineering techniques. A successful attack allows injecting malicious JavaScript code in the SA web UI client application running in the user's web browser.
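The reflected XSS pattern described in the summary and in this issue, as an added illustration that is not Symantec's code and says nothing about how the SA web UI itself is implemented: a handler echoes a URL query parameter into its HTML response without encoding, beside the hardened form that HTML-entity encodes the value, plus a check a defender can use in a regression test. The parameter name `q` and the query string are constructed for the example.

```python
from html import escape
from urllib.parse import parse_qs

# Constructed sample request: the query string carries markup. parse_qs
# percent-decodes it, so the handler sees the raw tag characters.
CONSTRUCTED_QUERY = "q=%3Cscript%3Eprobe()%3C%2Fscript%3E"
CONSTRUCTED_VALUE = "<script>probe()</script>"


def render_vulnerable(query_string: str) -> str:
    """Reflects the 'q' parameter into the page verbatim.

    This is the root cause of a reflected XSS: whatever the link carries
    becomes part of the HTML the victim's browser parses and executes.
    """
    q = parse_qs(query_string).get("q", [""])[0]
    return "<p>Results for: " + q + "</p>"


def render_hardened(query_string: str) -> str:
    """Same page, but the reflected value is HTML-entity encoded.

    Angle brackets, ampersands and quotes become entities, so the browser
    displays the text instead of interpreting it as markup.
    """
    q = parse_qs(query_string).get("q", [""])[0]
    return "<p>Results for: " + escape(q, quote=True) + "</p>"


def reflects_unencoded_markup(html: str, reflected: str) -> bool:
    """Regression check: is the reflected value present with its angle
    brackets intact? True means the response is still injectable."""
    has_markup = "<" in reflected or ">" in reflected
    return has_markup and reflected in html


if __name__ == "__main__":
    for name, render in (("vulnerable", render_vulnerable),
                         ("hardened", render_hardened)):
        page = render(CONSTRUCTED_QUERY)
        print(name, "->", page,
              "| injectable:", reflects_unencoded_markup(page, CONSTRUCTED_VALUE))
```

Output encoding at the point of reflection is the fix the advisory's remediation implies; a Content-Security-Policy header reduces impact further but does not replace it.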

ACKNOWLEDGEMENTS

  • CVE-2018-12241: Mohammed Shameem (@_M_Shahnawaz, https://www.linkedin.com/in/mohdshameem36)

REVISION

2018-11-21 Added SecurityFocus BID number.
2018-11-20 Initial public release.