Описание
RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.4 (исключая)
Одно из
cpe:2.3:a:emc:rsa_authentication_manager:8.4:-:*:*:*:*:*:*
cpe:2.3:a:rsa:authentication_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01165
Низкий
5.8 Medium
CVSS3
7.2 High
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.
EPSS
Процентиль: 78%
0.01165
Низкий
5.8 Medium
CVSS3
7.2 High
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo