DSA-2019-038: RSA® Authentication Manager Insecure Credential Management Vulnerability
CVE-2019-3711

5.8MEDIUM

Key Information:

Vendor: Dell
Status: Rsa Authentication Manager
Vendor: CVE Published:; 13 March 2019

Summary

RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.

Affected Version(s)

RSA Authentication Manager 8.4

References

https://seclists.org/fulldisclosure/2019/Mar/5

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/107210

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 13, 2019
Vulnerability Reserved
Jan 3, 2019