Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0646

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2014-0646
Last Modified 02 May 2014 09:49:06
Published 01 May 2014 01:29:56
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0646

Summary

The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files.

Vulnerable Systems

Application

  • Emc Rsa Access Manager 6.1

  • Emc Rsa Access Manager 6.2


References

BUGTRAQ - 20140430 ESA-2014-029: RSA Access Manager Sensitive Information Disclosure Vulnerability


Last Updated: 27 May 2016 10:51:59