Firewall Configuration & Log Management by ManageEngine Firewall Analyzer

CVE-2018-12998

A reflected Cross-site scripting (XSS) vulnerability

Vulnerability Details
Impact	CVSS V3 rating: 6.1 (Medium)
Reported	29 Jun 2018
Fixed	29 Nov 2018
Affected Builds	Till Build 123147
Fixed in	Build 123169
Overview	A reflected Cross-site scripting (XSS) vulnerability
Recommended Fix	Upgrade to Firewall Analyzer Version 12.3.231 or above.

Description

A reflected Cross-site scripting (XSS) vulnerability in Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to
/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

We recommend that you upgrade to Firewall Analyzer version 12.3.231 and above to fix this issue.

Source and Acknowledgements

Find out more about CVE-2018-12998 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at fwanalyzer-support@manageengine.com

A single platter for comprehensive Network Security Device Management

Quick LinksNetwork Bandwidth ReportsNetwork Security & Device MgmtLog ManagementCompliance & MSSP Features

» Pricing & Purchase
» Let Us Assist You

» What's new?
» Awards & Recognition

Firewall Device Management
1. » Policy Overview Report
2. » Used Rules Report
3. » Unused Rules Report
4. » Security Management
5. » Configuration Change Management Report/Alert

Firewall Log Analysis
1. » Check Point
2. » Cisco PIX Device
3. » Cisco ASA Device
4. » CyberGuard
5. » Fortigate
6. » IPFIX with Extensions Support
7. » Virtual/Context-based Firewall Support

Security Device Log Analysis
1. » Microsoft ISA
2. » NetScreen
3. » SonicWALL
4. » WatchGuard
5. » Squid Proxy

Compliance

MSSP Specific Features
1. » Managed Firewall Service
2. » Dashboard and User Views
3. » Rebranding
Troubleshooting Tool:
1. » Diagnose Live Firewall Connections

Other Features
1. » External User Authentication
2. » Alert Administration
3. » Integration with ManageEngine OpManager
4. » Firewall Credential Profiles
5. » Custom Reports
6. » Scheduled Reports
7. » Firewall Bandwidth Alerts