3 matches found
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability
ESA-2014-003.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability EMC Identifier: ESA-2014-003 CVE Identifier: CVE-2014-0624 Severity Rating: CVSS v2 Base Score: 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P Affected Products: RSA Da...
CVE-2014-0624
EMC RSA Data Loss Prevention DLP 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors...
CVE-2014-0624
CVE-2014-0624 corresponds to an improper session management vulnerability in RSA Data Loss Prevention (DLP). The issue affects RSA DLP versions 9.0, 9.5, and 9.6 (Enterprise Manager) prior to 9.6-SP2, where session handling could allow a lower-privileged, authenticated user to access content and ...