DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability
CVE-2018-15782

7.7HIGH

Key Information:

Vendor: Dell
Status: Rsa Authentication Manager
Vendor: CVE Published:; 16 January 2019

What is CVE-2018-15782?

The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.

Affected Version(s)

RSA Authentication Manager < 8.4

References

https://seclists.org/fulldisclosure/2019/Jan/18

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 16, 2019
Vulnerability Reserved
Aug 23, 2018

Dell

What is CVE-2018-15782?

Affected Version(s)

References

CVSS V3.1

Timeline