PT-2013-4269 · Emc · Emc Rsa Authentication Manager

Published

2013-07-08

Updated

2020-03-27

CVE-2013-3273

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions EMC RSA Authentication Manager versions 7.1 through 7.1 SP4 P25 EMC RSA Authentication Manager version 8.0 through 8.0 P1

Description The issue allows local users to obtain sensitive information by reading the trace log file, as the cleartext administrative password is not omitted from trace logging in custom SDK applications.

Recommendations For EMC RSA Authentication Manager versions 7.1 through 7.1 SP4 P25, update to SP4 P26 or later. For EMC RSA Authentication Manager version 8.0 through 8.0 P1, update to P2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2013-3273

Affected Products

Emc Rsa Authentication Manager

PT-2013-4269 · Emc · Emc Rsa Authentication Manager

CVE-2013-3273

Weakness Enumeration

Related Identifiers

Affected Products

References · 2