CVE-2019-3711
First published: Wed Mar 13 2019(Updated: )
RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC RSA Authentication Manager | =8.4 | |
| RSA Authentication Manager | <8.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-3711?
CVE-2019-3711 is a vulnerability in RSA Authentication Manager versions prior to 8.4 P1 that allows a malicious administrator to obtain and use domain passwords.
How severe is CVE-2019-3711?
CVE-2019-3711 has a severity rating of 7.2, which is categorized as high.
Which versions of RSA Authentication Manager are affected by CVE-2019-3711?
RSA Authentication Manager versions prior to 8.4 P1 are affected by CVE-2019-3711.
How can a malicious administrator exploit CVE-2019-3711?
A malicious Operations Console administrator can obtain and use domain passwords set by another administrator.
Are there any references available for CVE-2019-3711?
Yes, you can find more information about CVE-2019-3711 at these references: http://www.securityfocus.com/bid/107210 and https://seclists.org/fulldisclosure/2019/Mar/5
- collector/nvd-index
- vendor/emc
- canonical/emc rsa authentication manager
- version/emc rsa authentication manager/8.4
- vendor/rsa
- canonical/rsa authentication manager