cvelistv5 - cve-2018-12246

CVE-2018-12246 (GCVE-0-2018-12246)

Vulnerability from cvelistv5 – Published: 2018-10-22 19:00 – Updated: 2024-09-16 22:31

Summary

Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website's rendered copy running inside the end user's web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.

Severity ?

No CVSS data available.

CWE

Cross-site scripting (XSS)

Assigner

symantec

References

URL

Tags

	https://support.symantec.com/content/unifiedweb/e…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/105581	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Symantec Corporation	Symantec Web Isolation	Affected: 1.11 prior to 1.11.21

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:59.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
          },
          {
            "name": "105581",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Symantec Web Isolation",
          "vendor": "Symantec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "1.11 prior to 1.11.21"
            }
          ]
        }
      ],
      "datePublic": "2018-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-23T09:57:01",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
        },
        {
          "name": "105581",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "DATE_PUBLIC": "2018-10-16T00:00:00",
          "ID": "CVE-2018-12246",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Symantec Web Isolation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.11 prior to 1.11.21"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html",
              "refsource": "CONFIRM",
              "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
            },
            {
              "name": "105581",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2018-12246",
    "datePublished": "2018-10-22T19:00:00Z",
    "dateReserved": "2018-06-12T00:00:00",
    "dateUpdated": "2024-09-16T22:31:26.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:web_isolation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.11\", \"versionEndExcluding\": \"1.11.21\", \"matchCriteriaId\": \"CDCC38E0-753C-4580-A2F2-17389D7A1A6F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.\"}, {\"lang\": \"es\", \"value\": \"Symantec Web Isolation (WI) en versiones 1.11 anteriores a la 1.11.21 es susceptible a una vulnerabilidad Cross-Site Scripting (XSS) reflejado. Un atacante remoto puede apuntar hacia usuarios finales protegidos por WI con ataques de ingenier\\u00eda social mediante URL manipuladas para sitios web leg\\u00edtimos. Un ataque exitoso permite la inyecci\\u00f3n de c\\u00f3digo JavaScript en la copia renderizada del sitio web que se ejecuta en el navegador web del usuario final. No permite la inyecci\\u00f3n de c\\u00f3digo en la copia real (aislada) del sitio web que se ejecuta en WI Threat Isolation Engine.\"}]",
      "id": "CVE-2018-12246",
      "lastModified": "2024-11-21T03:44:51.250",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-10-22T19:29:00.267",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/105581\", \"source\": \"secure@symantec.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html\", \"source\": \"secure@symantec.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105581\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@symantec.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12246\",\"sourceIdentifier\":\"secure@symantec.com\",\"published\":\"2018-10-22T19:29:00.267\",\"lastModified\":\"2024-11-21T03:44:51.250\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.\"},{\"lang\":\"es\",\"value\":\"Symantec Web Isolation (WI) en versiones 1.11 anteriores a la 1.11.21 es susceptible a una vulnerabilidad Cross-Site Scripting (XSS) reflejado. Un atacante remoto puede apuntar hacia usuarios finales protegidos por WI con ataques de ingenier\u00eda social mediante URL manipuladas para sitios web leg\u00edtimos. Un ataque exitoso permite la inyecci\u00f3n de c\u00f3digo JavaScript en la copia renderizada del sitio web que se ejecuta en el navegador web del usuario final. No permite la inyecci\u00f3n de c\u00f3digo en la copia real (aislada) del sitio web que se ejecuta en WI Threat Isolation Engine.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:web_isolation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11\",\"versionEndExcluding\":\"1.11.21\",\"matchCriteriaId\":\"CDCC38E0-753C-4580-A2F2-17389D7A1A6F\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/105581\",\"source\":\"secure@symantec.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html\",\"source\":\"secure@symantec.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

JVNDB-2018-000110

Vulnerability from jvndb - Published: 2018-10-19 14:45 - Updated:2019-07-26 14:06

Severity ?

6.1 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Web Isolation vulnerable to cross-site scripting

Details

Web Isolation provided by Symantec Corporation contains a reflected cross-site scripting vulnerability (CWE-79).

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN58005743/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12246
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-12246
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Symantec Corporation

Web Isolation

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000110.html",
  "dc:date": "2019-07-26T14:06+09:00",
  "dcterms:issued": "2018-10-19T14:45+09:00",
  "dcterms:modified": "2019-07-26T14:06+09:00",
  "description": "Web Isolation provided by Symantec Corporation contains a reflected cross-site scripting vulnerability (CWE-79).",
  "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000110.html",
  "sec:cpe": {
    "#text": "cpe:/a:symantec:web_isolation",
    "@product": "Web Isolation",
    "@vendor": "Symantec Corporation",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "4.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "6.1",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2018-000110",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN58005743/index.html",
      "@id": "JVN#58005743",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12246",
      "@id": "CVE-2018-12246",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-12246",
      "@id": "CVE-2018-12246",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Web Isolation vulnerable to cross-site scripting"
}

CERTFR-2018-AVI-491

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Symantec Web Isolation. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Symantec	N/A	Symantec Web Isolation (WI) versions 1.11.x antérieures à 1.11.21

References

Title

Publication Time

Tags

Bulletin de sécurité Symantec SYMSA1464 du 16 octobre 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Web Isolation (WI) versions 1.11.x ant\u00e9rieures \u00e0 1.11.21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12246"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-491",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Symantec Web Isolation. Elle\npermet \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0\ndistance (XSS).\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Symantec Web Isolation",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYMSA1464 du 16 octobre 2018",
      "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
    }
  ]
}

CERTFR-2018-AVI-491

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Symantec Web Isolation. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Symantec	N/A	Symantec Web Isolation (WI) versions 1.11.x antérieures à 1.11.21

References

Title

Publication Time

Tags

Bulletin de sécurité Symantec SYMSA1464 du 16 octobre 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Web Isolation (WI) versions 1.11.x ant\u00e9rieures \u00e0 1.11.21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12246"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-491",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Symantec Web Isolation. Elle\npermet \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0\ndistance (XSS).\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Symantec Web Isolation",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYMSA1464 du 16 octobre 2018",
      "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
    }
  ]
}

GSD-2018-12246

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-12246

Aliases

CVE-2018-12246

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-12246",
    "description": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.",
    "id": "GSD-2018-12246"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-12246"
      ],
      "details": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.",
      "id": "GSD-2018-12246",
      "modified": "2023-12-13T01:22:30.195329Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@symantec.com",
        "DATE_PUBLIC": "2018-10-16T00:00:00",
        "ID": "CVE-2018-12246",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Symantec Web Isolation",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "1.11 prior to 1.11.21"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Symantec Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Cross-site scripting (XSS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html",
            "refsource": "CONFIRM",
            "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
          },
          {
            "name": "105581",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105581"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:web_isolation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.11.21",
                "versionStartIncluding": "1.11",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2018-12246"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
            },
            {
              "name": "105581",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105581"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2018-12-06T20:30Z",
      "publishedDate": "2018-10-22T19:29Z"
    }
  }
}

CNVD-2018-21613

Vulnerability from cnvd - Published: 2018-10-24

Title

Symantec Web Isolation跨站脚本攻击漏洞

Description

Symantec Web Isolation是美国赛门铁克（Symantec）公司的一款Web安全防护软件。该软件主要用于防止恶意软件和网络钓鱼攻击等。 Symantec Web Isolation 1.11版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞在用户的Web浏览器中执行任意脚本。

Severity

中

Patch Name

Symantec Web Isolation跨站脚本攻击漏洞的补丁

Patch Description

Symantec Web Isolation是美国赛门铁克（Symantec）公司的一款Web安全防护软件。该软件主要用于防止恶意软件和网络钓鱼攻击等。 Symantec Web Isolation 1.11版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞在用户的Web浏览器中执行任意脚本。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.symantec.com/en_US/article.SYMSA1464.html

Reference

https://www.securityfocus.com/bid/105581

Impacted products

Name
Symantec Web Isolation 1.11

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "105581"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-12246",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12246"
    }
  },
  "description": "Symantec Web Isolation\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u4e00\u6b3eWeb\u5b89\u5168\u9632\u62a4\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u9632\u6b62\u6076\u610f\u8f6f\u4ef6\u548c\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u7b49\u3002\r\n\r\nSymantec Web Isolation 1.11\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7528\u6237\u7684Web\u6d4f\u89c8\u5668\u4e2d\u6267\u884c\u4efb\u610f\u811a\u672c\u3002",
  "discovererName": "Symantec",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.symantec.com/en_US/article.SYMSA1464.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-21613",
  "openTime": "2018-10-24",
  "patchDescription": "Symantec Web Isolation\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u4e00\u6b3eWeb\u5b89\u5168\u9632\u62a4\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u9632\u6b62\u6076\u610f\u8f6f\u4ef6\u548c\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u7b49\u3002\r\n\r\nSymantec Web Isolation 1.11\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7528\u6237\u7684Web\u6d4f\u89c8\u5668\u4e2d\u6267\u884c\u4efb\u610f\u811a\u672c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Symantec Web Isolation\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Symantec Web Isolation 1.11"
  },
  "referenceLink": "https://www.securityfocus.com/bid/105581",
  "serverity": "\u4e2d",
  "submitTime": "2018-10-19",
  "title": "Symantec Web Isolation\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e"
}

FKIE_CVE-2018-12246

Vulnerability from fkie_nvd - Published: 2018-10-22 19:29 - Updated: 2024-11-21 03:44

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
secure@symantec.com	http://www.securityfocus.com/bid/105581	Third Party Advisory, VDB Entry
secure@symantec.com	https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105581	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	symantec	web_isolation	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:web_isolation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDCC38E0-753C-4580-A2F2-17389D7A1A6F",
              "versionEndExcluding": "1.11.21",
              "versionStartIncluding": "1.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine."
    },
    {
      "lang": "es",
      "value": "Symantec Web Isolation (WI) en versiones 1.11 anteriores a la 1.11.21 es susceptible a una vulnerabilidad Cross-Site Scripting (XSS) reflejado. Un atacante remoto puede apuntar hacia usuarios finales protegidos por WI con ataques de ingenier\u00eda social mediante URL manipuladas para sitios web leg\u00edtimos. Un ataque exitoso permite la inyecci\u00f3n de c\u00f3digo JavaScript en la copia renderizada del sitio web que se ejecuta en el navegador web del usuario final. No permite la inyecci\u00f3n de c\u00f3digo en la copia real (aislada) del sitio web que se ejecuta en WI Threat Isolation Engine."
    }
  ],
  "id": "CVE-2018-12246",
  "lastModified": "2024-11-21T03:44:51.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-22T19:29:00.267",
  "references": [
    {
      "source": "secure@symantec.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105581"
    },
    {
      "source": "secure@symantec.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
    }
  ],
  "sourceIdentifier": "secure@symantec.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-F249-2PX5-3WQ5

Vulnerability from github – Published: 2022-05-14 01:52 – Updated: 2022-05-14 01:52

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-12246"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-22T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website\u0027s rendered copy running inside the end user\u0027s web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.",
  "id": "GHSA-f249-2px5-3wq5",
  "modified": "2022-05-14T01:52:21Z",
  "published": "2022-05-14T01:52:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12246"
    },
    {
      "type": "WEB",
      "url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1464.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105581"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-12246 (GCVE-0-2018-12246)

JVNDB-2018-000110

CERTFR-2018-AVI-491

Solution

CERTFR-2018-AVI-491

Solution

GSD-2018-12246

CNVD-2018-21613

FKIE_CVE-2018-12246

GHSA-F249-2PX5-3WQ5

Tags

Sightings

Nomenclature