CVE-2013-3273

RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26 - Cleartext Password Exposure in Trace Log

Title source: llm
STIX 2.1

Description

EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.

References (1)

Core 1
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html

Scores

EPSS 0.0005
EPSS Percentile 16.7%

Details

CWE
CWE-255
Status published
Products (4)
emc/rsa_authentication_manager 7.1 (3 CPE variants)
emc/rsa_authentication_manager 8.0 p1
rsa/authentication_manager 7.1 sp1
rsa/authentication_manager 8.0
Published Jul 08, 2013
Tracked Since Feb 18, 2026