CVE-2014-0646

EMC RSA Access Manager 6.1.3-6.1.3.38, 6.1.4-6.1.4.21, 6.2.0-6.2.0.10, 6.2.1-6.2.1.02 - Cleartext Password Exposure

Title source: llm
STIX 2.1

Description

The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files.

References (1)

Core 1
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-04/0191.html

Scores

EPSS 0.0005
EPSS Percentile 16.4%

Details

CWE
CWE-310
Status published
Products (2)
emc/rsa_access_manager 6.1 sp3 (2 CPE variants)
emc/rsa_access_manager 6.2 (2 CPE variants)
Published May 01, 2014
Tracked Since Feb 18, 2026