Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license file, resulting in attacker-controlled files being stored on the product's server. Data exfiltration cannot occur.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
RSA Authentication Manager 安全漏洞
Vulnerability Description
RSA Authentication Manager是美国RSA公司的一个安全访问和身份验证平台。 RSA Authentication Manager 8.7 SP2 Patch 1之前版本存在安全漏洞,该漏洞源于可通过许可证文件进行XML外部实体攻击,导致攻击者控制的文件存于服务器。
CVSS Information
N/A
Vulnerability Type
N/A