CVE-2013-3273

Published: Jul 8, 2013Modified: Apr 29, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.

Affected (6)

Products: Emc: Rsa Authentication Manager · Rsa: Authentication Manager

Emc

1 product

Rsa Authentication Manager

Rsa

1 product

Authentication Manager

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Emc Rsa Authentication Manager	Version 7.1
Emc Rsa Authentication Manager	Version 7.1 sp2
Emc Rsa Authentication Manager	Version 7.1 sp3
Emc Rsa Authentication Manager	Version 8.0 p1
Rsa Authentication Manager	Version 7.1 sp1
Rsa Authentication Manager	Version 8.0

Related CWEs

CWE-255

References (2)

http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.