← back
CVE-2018-1247

CVE-2018-1247

EPSS 17.0%
RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted to the application.
Affected products
Dell EMC · RSA Authentication Manager Security Console
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44634/unverifiedexploitdbwww.exploit-db.com/exploits/44634unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/May/18https://www.exploit-db.com/exploits/44634/http://www.securityfocus.com/bid/104107http://www.securitytracker.com/id/1040835