CVE-2018-12241 - OpenCVE

The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Security Analytics

Configuration 1 [-]

cpe:2.3:a:symantec:security_analytics:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/105965
https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: symantec

Published: 2018-11-27T18:00:00

Updated: 2024-08-05T08:30:58.999Z

Reserved: 2018-06-12T00:00:00

Link: CVE-2018-12241

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-11-27T18:29:01.530

Modified: 2019-02-11T19:04:40.690

Link: CVE-2018-12241

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Symantec Security Analytics (SA)", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "SA 7.x prior to 7.3.4"}]}], "datePublic": "2018-11-27T00:00:00", "descriptions": [{"lang": "en", "value": "The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application."}], "problemTypes": [{"descriptions": [{"description": "Cross-site scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-28T10:57:01", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html"}, {"name": "105965", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105965"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "ID": "CVE-2018-12241", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Symantec Security Analytics (SA)", "version": {"version_data": [{"version_value": "SA 7.x prior to 7.3.4"}]}}]}, "vendor_name": "Symantec Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-site scripting"}]}]}, "references": {"reference_data": [{"name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html", "refsource": "CONFIRM", "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html"}, {"name": "105965", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105965"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:30:58.999Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html"}, {"name": "105965", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105965"}]}]}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2018-12241", "datePublished": "2018-11-27T18:00:00", "dateReserved": "2018-06-12T00:00:00", "dateUpdated": "2024-08-05T08:30:58.999Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:security_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B040D0B-2B7F-4194-9277-A4266185CBAF", "versionEndExcluding": "7.3.4", "versionStartIncluding": "7.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application."}, {"lang": "es", "value": "En Symantec Security Analytics (SA), en versiones 7.x anteriores a la 7.3.4, la interfaz web es susceptible a una vulnerabilidad Cross-Site Scripting (XSS) reflejado. Un atacante remoto que conozca el nombre de host o la direcci\u00f3n IP de la interfaz web de SA puede manipular una URL maliciosa para los usuarios de la interfaz web e interfaz web objetivo de SA mediante ataques de phishing u otras t\u00e9cnicas de ingenier\u00eda social. Un ataque exitoso permite que se inyecte c\u00f3digo JavaScript malicioso en la aplicaci\u00f3n del cliente de la interfaz web de SA."}], "id": "CVE-2018-12241", "lastModified": "2019-02-11T19:04:40.690", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-27T18:29:01.530", "references": [{"source": "secure@symantec.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105965"}, {"source": "secure@symantec.com", "tags": ["Vendor Advisory"], "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1466.html"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}