CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
90.2%
The RSA KEON Registration Authority web interface contains multiple cross-site scripting (XSS) vulnerabilities.
The RSA Keon Certificate Authority (CA) software is a digital certificate management system. The RSA KEON Registration Authority allows the CA to handle large numbers of certificate requests.
The RSA KEON Registration Authority web interface contains multiple cross-site scripting vulnerabilities.
An attacker may be able to obtain sensitive data from the site running the RSA KEON Registration Authority software or use the vulnerability create spoofed content.
Upgrade
RSA has released updates to address this issue. See <https://knowledge.rsasecurity.com/> for information on obtaining fixed software.
342793
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: August 07, 2007 Updated: October 31, 2007
Affected
The issue has been addressed in RSA Certificate Manager and RSA Registration Manager Software versions 6.5.1 and later. For more information about obtaining updated software, log on to RSA SecurCare Online at <https://knowledge.rsasecurity.com>.
The vendor has not provided us with any further information regarding this vulnerability.
See <https://knowledge.rsasecurity.com/> for information on obtaining fixed software.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23342793 Feedback>).
Group | Score | Vector |
---|---|---|
Base | 0 | AV:–/AC:–/Au:–/C:–/I:–/A:– |
Temporal | 0 | E:ND/RL:ND/RC:ND |
Environmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
Thanks to GamaSEC for reporting this vulnerability.
This document was written by Ryan Giobbi.
CVE IDs: | CVE-2007-5703 |
---|---|
Severity Metric: | 0.97 Date Public: |