DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability
CVE-2018-15782

7.7HIGH

Key Information:

Vendor: Dell
Status: Rsa Authentication Manager
Vendor: CVE Published:; 16 January 2019

Summary

The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.

Affected Version(s)

RSA Authentication Manager < 8.4

References

https://seclists.org/fulldisclosure/2019/Jan/18

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 16, 2019
Vulnerability Reserved
Aug 23, 2018