Design/Logic Flaw

2019-03-1321:29:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON

RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.

CPENameOperatorVersion
rsa_authentication_managereq8.4
authentication_managerlt8.4

CPE	Name	Operator	Version
	rsa_authentication_manager	eq	8.4
	authentication_manager	lt	8.4

References

www.securityfocus.com/bid/107210

seclists.org/fulldisclosure/2019/Mar/5