Unsolved
This post is more than 5 years old
1 Message
0
1231
Cross Site Scripting vulnerability in broker v8.1.2.1
We are currently running v8.1.2.1 of the SAM suite and I was just notified by my compliance team that they have detected an XSS vulnerability on the server running my broker. We are unable to upgrade to the latest version at this time, so I have two questions: 1) is the vulnerability fixed in a later version of the software? Is there a workaround to mitigate the vulnerability in 8.1.2.1? Thanks for any help.
PaulORourke
170 Posts
0
November 21st, 2012 03:00
Hi Davjohns,
Please find the release notes for SAM v9.1 attached. See section labeled CQ 574325.
Additionally, please review KB article emc275845 available on Powerlink.
Should the vulnerability reported by your compliance team not match anything in the above, can you please open a new SR to report the issue? We will investigate it ASAP. Thanks.
Kind Regards,
Paul O'Rourke
1 Attachment
SAM-Version-9.1-Release-Notes.pdf
ejpren
15 Posts
0
November 21st, 2012 05:00
Doc emc274245 was last updated on 11/21/2011 with the remediation status. Could this be updated? Thanks, Eric Prentice
Baadsgaard
16 Posts
0
November 21st, 2012 15:00
Hello Eric,
Thank you for bringing this to our attention. I'm currently working on updating this article and will reply back to this post when the update is complete.
Regards,
Joseph Baadsgaard
EMC Technical Support Engineer I,
Ionix Smarts