The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability. Authenticated malicious users could potentially exploit this vulnerability to read any unencrypted data from the database.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Jan/81 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/102838 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040268 | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2018/Jan/81 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/102838 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040268 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:14
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2018/Jan/81 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/102838 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1040268 - Third Party Advisory, VDB Entry |
Information
Published : 2018-01-25 03:29
Updated : 2024-11-21 03:14
NVD link : CVE-2017-15546
Mitre link : CVE-2017-15546
CVE.ORG link : CVE-2017-15546
JSON object : View
Products Affected
emc
- rsa_authentication_manager
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')