Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveDellCVE-2019-3711
HistoryMar 13, 2019 - 10:00 p.m.

CVE-2019-3711

2019-03-1322:00:00
dell
web.nvd.nist.gov
41
cve-2019-3711
rsa authentication manager
insecure credential management
vulnerability
nvd
operations console
administrator
domain password
security

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

39.8%

JSON

RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.

Affected configurations

Nvd
Node
emcrsa_authentication_managerMatch8.4-
OR
rsaauthentication_managerRange<8.4
VendorProductVersionCPE
emcrsa_authentication_manager8.4cpe:2.3:a:emc:rsa_authentication_manager:8.4:-:*:*:*:*:*:*
rsaauthentication_manager*cpe:2.3:a:rsa:authentication_manager:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "RSA Authentication Manager",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "P1",
        "status": "affected",
        "version": "8.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
nessus 1
cvelist 1
prion
prion
Design/Logic Flaw
2019-03-13 21:29:00
nvd
nvd
CVE-2019-3711
2019-03-13 21:29:00
nessus
nessus
EMC RSA Authentication Manager < 8.4 P1 Insecure Credential Management (DSA-2019-038)
2019-03-08 00:00:00
cvelist
cvelist
CVE-2019-3711 DSA-2019-038: RSA® Authentication Manager Insecure Credential Management Vulnerability
2019-03-13 22:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

39.8%

JSON
Related for CVE-2019-3711
prion1nvd1nessus1cvelist1