SB2018050704 - Multiple vulnerabilities in RSA Authentication Manager
Published: May 7, 2018
Security Bulletin ID: SB2018050704
Severity: Low
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Data manipulation
Description
This security bulletin contains information about 2 security vulnerabilities.
1) XXE attack (CVE-ID: CVE-2018-1247)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information and cause a DoS condition on the target system. The weakness exists due to improper restriction of XML External Entity (XXE) references. A remote attacker can supply specially crafted XML External Entity (XXE) data to the target interface, read files with the privileges of the target service or cause the service to crash.
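The mitigation for this class of weakness is to parse XML from untrusted clients with DOCTYPE and entity processing disabled, so that neither an external (SYSTEM) entity nor an entity-expansion bomb is ever processed. The following is an added illustration written for this bulletin, not code from RSA or from the affected product; it uses Python's standard expat bindings, and the two sample documents (including the placeholder file path) are constructed here for the demonstration.

```python
import xml.parsers.expat


class UnsafeXMLError(ValueError):
    """Raised when untrusted XML uses DTD features this parser refuses."""


def _forbid(*_args):
    # Installed as the handler for DOCTYPE declarations, entity declarations and
    # external entity references: any of them aborts the parse before the parser
    # can expand an entity or resolve a SYSTEM identifier.
    raise UnsafeXMLError("DOCTYPE / entity constructs are not allowed in untrusted XML")


def parse_untrusted_xml(data: bytes) -> list:
    """Parse XML from an untrusted client into a list of (element path, text) pairs.

    The expat parser is configured so that DOCTYPE and entity constructs are
    rejected outright, which removes both the external-entity (file read)
    and entity-expansion (DoS) cases described in the bulletin.
    """
    events = []
    stack = []
    buf = []

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = _forbid
    parser.EntityDeclHandler = _forbid
    parser.ExternalEntityRefHandler = _forbid

    def start(name, _attrs):
        stack.append(name)
        buf.clear()

    def end(name):
        # Character data may arrive in several chunks; join them at element end.
        text = "".join(buf).strip()
        if text:
            events.append(("/".join(stack), text))
        buf.clear()
        stack.pop()

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = buf.append
    parser.Parse(data, True)
    return events


# Constructed sample inputs (not from the bulletin): a benign document and one
# carrying an external entity declaration that points at a placeholder path.
SAFE_DOC = b'<?xml version="1.0"?><user><name>alice</name><role>operator</role></user>'
XXE_DOC = (b'<?xml version="1.0"?>'
           b'<!DOCTYPE user [<!ENTITY ext SYSTEM "file:///PLACEHOLDER/not-read">]>'
           b'<user><name>&ext;</name></user>')


def demo() -> dict:
    results = {"safe": parse_untrusted_xml(SAFE_DOC)}
    try:
        parse_untrusted_xml(XXE_DOC)
        results["xxe"] = "accepted"
    except UnsafeXMLError as exc:
        results["xxe"] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    print(demo())
```

Rejecting any DOCTYPE is deliberately stricter than only disabling external entities: it also refuses the internal entity declarations used for expansion attacks, and it fails closed before the parser has a chance to touch anything outside the document.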
2) HTTP response splitting (CVE-ID: CVE-2018-1248)
The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system. The weakness exists due to improper handling of HTTP requests. A remote attacker can trick the victim into opening a specially crafted URL, conduct an HTTP header injection attack and poison any intermediate web caches with arbitrary content.
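Response splitting is possible whenever request-controlled data reaches a response header without being checked for CR and LF after the framework has percent-decoded it. The check below is an added example for this bulletin, not code from RSA or the affected product; it assumes a generic redirect endpoint that takes its target from a `next` parameter (a constructed scenario), validates header names against the RFC 7230 token grammar and rejects any control character other than HTAB in header values.

```python
import re
from urllib.parse import unquote

# RFC 7230 "token" characters, used for header names.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
# Control characters that must never appear in a header value. CR (0x0D) and
# LF (0x0A) are the ones that split a response; the rest are rejected too,
# since HTAB (0x09) is the only control character RFC 7230 permits.
_CTL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")


class HeaderInjectionError(ValueError):
    """Raised when a header name or value fails validation."""


def safe_header(name: str, value: str) -> tuple:
    """Return (name, value) only if both are safe to serialise on a single line."""
    if not _TOKEN.match(name):
        raise HeaderInjectionError(f"invalid header name {name!r}")
    if _CTL.search(value):
        raise HeaderInjectionError(f"control character in value of {name}")
    return name, value


def build_redirect(next_param: str) -> list:
    """Build the headers of a redirect whose target comes from a request parameter.

    The parameter is percent-decoded first, as a web framework would do before
    the value reaches the header, so an encoded CRLF is caught after decoding
    rather than slipping through a check done on the raw query string.
    """
    target = unquote(next_param)
    return [("Status", "302 Found"), safe_header("Location", target)]


def serialize(headers: list) -> bytes:
    """Serialise validated headers; each (name, value) pair yields exactly one line."""
    return b"".join(f"{n}: {v}\r\n".encode("latin-1") for n, v in headers) + b"\r\n"


def demo() -> dict:
    # Constructed inputs: a normal path and one smuggling a CRLF via percent-encoding.
    out = {"normal": serialize(build_redirect("/dashboard"))}
    try:
        build_redirect("/dashboard%0D%0AX-Injected:%20yes")
        out["crlf"] = "accepted"
    except HeaderInjectionError as exc:
        out["crlf"] = f"rejected: {exc}"
    return out


if __name__ == "__main__":
    print(demo())
```

The invariant worth asserting in a server-side test is that the number of CRLF sequences in the serialised header block equals the number of headers plus the terminating blank line; if a client-supplied value can change that count, the endpoint is splittable.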
Remediation
Install the update from the vendor's website.