Unrated severityNVD Advisory· Published Nov 27, 2018· Updated Aug 5, 2024

CVE-2018-12241

Description

The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.

Affected products

EMC Corporation/Rsa Security Analyticsllm-fuzzy
Range: <7.3.4
Symantec Corporation/Symantec Security Analytics (SA)v5
Range: SA 7.x prior to 7.3.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105965mitrevdb-entryx_refsource_BID
support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000