CVE-2013-3273

Published Jul 8, 2013

Last updated 5 years ago

CVSS info 2.1

Overview

Description: EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:rsa_authentication_manager:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "589D4FF7-2107-4861-BA60-114B5D6A0732"
          },
          {
            "criteria": "cpe:2.3:a:emc:rsa_authentication_manager:7.1:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFEA20F9-BFEA-4599-91B8-51F2C62257B1"
          },
          {
            "criteria": "cpe:2.3:a:emc:rsa_authentication_manager:7.1:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "276F775A-7622-46C1-AFAB-BAD4ADB4F551"
          },
          {
            "criteria": "cpe:2.3:a:emc:rsa_authentication_manager:8.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "008D1316-B493-42D2-8A28-FDB935B4DCE3"
          },
          {
            "criteria": "cpe:2.3:a:rsa:authentication_manager:7.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78597FC1-4058-4668-84E5-657976B45E8D"
          },
          {
            "criteria": "cpe:2.3:a:rsa:authentication_manager:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79C1944B-5E40-4B0A-8C90-B05F9F512293"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References