Vulnerability Description
RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Rsa Authentication Manager | 8.4 |
| Rsa | Authentication Manager | < 8.4 |
References
- http://www.securityfocus.com/bid/107210Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2019/Mar/5Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/107210Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2019/Mar/5Mailing ListThird Party Advisory
FAQ
What is CVE-2019-3711?
CVE-2019-3711 is a vulnerability with a CVSS score of 5.8 (MEDIUM). RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain pa...
How severe is CVE-2019-3711?
CVE-2019-3711 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-3711?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Authentication Manager, Rsa Authentication Manager.