Information Disclosure Vulnerability in EMC RSA Web Threat Detection
CVE-2015-4547

Currently unrated

Key Information:

Vendor: Rsa
Status: Web Threat Detection
Vendor: CVE Published:; 12 October 2015

What is CVE-2015-4547?

EMC RSA Web Threat Detection prior to version 5.1 SP1 is susceptible to an information disclosure vulnerability due to the insecure storage of the AnnoDB password within a configuration file. This flaw allows remote authenticated users to read the file and acquire sensitive credentials, potentially leading to unauthorized access to critical system components. Organizations using this version must take immediate action to safeguard sensitive information and mitigate exploitation risks.

References

http://seclists.org/bugtraq/2015/Sep/134

mailing-listx_refsource_BUGTRAQ

http://packetstormsecurity.com/files/133779/RSA-Web-Threa...

x_refsource_MISC

http://www.securitytracker.com/id/1033672

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2015
Vulnerability Reserved
Jun 11, 2015

Rsa

What is CVE-2015-4547?

References

Timeline