Skip to main content

Authentication Manager CVE-2013-0947

LOW
Credentials Management Errors (CWE-255)
2013-06-07 security_alert@emc.com
2.1
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:P/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 07, 2013 - 20:55 cve.org
LOW 2.1

DescriptionCVE.org

EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2) configuration file.

AnalysisAI

EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2). Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-255. EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2) configuration file. Affected products include: Rsa Authentication Manager.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-1247 HIGH POC
7.1 May 08

RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability

CVE-2019-3711 HIGH
7.2 Mar 13

RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. Rated high

CVE-2012-2279 MEDIUM
6.4 Jul 13

Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID

CVE-2018-11074 MEDIUM
6.1 Sep 28

RSA Authentication Manager versions prior to 8.3 P3 are affected by a DOM-based cross-site scripting vulnerability which

CVE-2018-1248 MEDIUM
6.1 May 08

RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is aff

CVE-2012-2280 MEDIUM
5.0 Jul 13

EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frame

CVE-2019-18574 MEDIUM
4.8 Dec 03

RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the

CVE-2018-11073 MEDIUM
4.8 Sep 28

RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operation

CVE-2018-11075 MEDIUM
4.7 Sep 28

RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security

CVE-2012-2278 MEDIUM
4.3 Jul 13

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA

CVE-2013-3273 LOW
2.1 Jul 08

EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the clearte

Share

CVE-2013-0947 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy