RSA Authentication Manager update for third-party components
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 23 |
| CVE-ID | CVE-2018-6913 CVE-2024-21138 CVE-2024-21131 CVE-2024-21140 CVE-2024-21147 CVE-2024-21183 CVE-2024-21182 CVE-2024-21175 CVE-2024-21181 CVE-2018-6798 CVE-2024-25062 CVE-2023-52881 CVE-2024-4741 CVE-2023-45288 CVE-2024-37371 CVE-2024-37370 CVE-2024-26614 CVE-2023-1192 CVE-2021-47001 CVE-2021-46955 CVE-2024-26828 CVE-2023-47233 CVE-2022-20132 |
| CWE-ID | CWE-122 CWE-20 CWE-119 CWE-416 CWE-451 CWE-400 CWE-125 CWE-399 CWE-191 CWE-200 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #14 is available. |
| Vulnerable software |
RSA Authentication Manager Web applications / Remote management & hosting panels |
| Vendor | RSA |
Security Bulletin
This security bulletin contains information about 23 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU11835
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6913
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow. A local attacker can exploit a specially crafted pack() function, trigger memory corruption and cause the service to crash or run Perl code.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU94560
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-21138
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU94559
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-21131
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU94557
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21140
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU94555
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21147
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU94551
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21183
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU94550
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-21182
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
8) Improper input validation
EUVDB-ID: #VU94549
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21175
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU94548
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-21181
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Heap-based buffer over-read
EUVDB-ID: #VU11834
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6798
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer over-read. A local attacker can exploit a specially crafted locale dependent regular expression, trigger memory corruption and gain access to potentially sensitive information or run Perl code.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU86052
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-25062
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in xmlValidatePopElement when using the XML Reader interface with DTD validation and XInclude expansion enabled. A remote attacker can pass a specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Spoofing attack
EUVDB-ID: #VU89895
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-52881
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Install update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU89861
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-4741
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the SSL_free_buffers() function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
Note, the vulnerability affects only applications that call the vulnerable function.
Install update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Resource exhaustion
EUVDB-ID: #VU88184
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2023-45288
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single HTTP/2 stream. A remote attacker can send specially crafted HTTP/2 requests to the server and perform a denial of service (DoS) attack. MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
15) Out-of-bounds read
EUVDB-ID: #VU93519
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-37371
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Input validation error
EUVDB-ID: #VU93518
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-37370
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Resource management error
EUVDB-ID: #VU91320
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26614
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Use-after-free
EUVDB-ID: #VU81923
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1192
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_is_status_io_timeout() function in Linux kernel. A local user can set environment variable to a specific value, trigger a use-after-free error and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Input validation error
EUVDB-ID: #VU94145
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47001
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rpcrdma_xprt_connect() and rpcrdma_post_sends() functions in net/sunrpc/xprtrdma/verbs.c, within the rpcrdma_reply_handler() function in net/sunrpc/xprtrdma/rpc_rdma.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Out-of-bounds read
EUVDB-ID: #VU88889
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-46955
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Integer underflow
EUVDB-ID: #VU91674
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26828
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use-after-free
EUVDB-ID: #VU82755
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-47233
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Information disclosure
EUVDB-ID: #VU64136
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-20132
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in the USB HID component in Linux Kernel. A local user can trigger the vulnerability to gain access to potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsRSA Authentication Manager: 8.7 SP2 - 8.7 SP2 Patch 3
CPE2.3- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 1:*:*:*:*:*:*
- cpe:2.3:a:rsa:rsa_authentication_manager:8.7:SP2 Patch 2:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
