Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC RSA Authentication Manager 信息泄露漏洞
Vulnerability Description
EMC RSA Authentication Manager是美国易安信(EMC)公司的一套集中式二元身份认证软件。该软件可跨物理站点集中管理二元身份认证、安全令牌、方法和用户等。 Appliance 3.0版本中使用的EMC RSA Authentication Manager P2之前的8.0版本和SP4 P26之前的7.1版本中存在漏洞,该漏洞源于程序没有省略在自定义SDK应用程序中跟踪登录的明文管理密码。本地攻击者可通过读取跟踪日志文件利用该漏洞获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A