RSA Access Manager Flaw Lets Remote Users Access Protected Resources
|
|
SecurityTracker Alert ID: 1025214 |
|
SecurityTracker URL: http://securitytracker.com/id/1025214
|
|
CVE Reference:
CVE-2011-0322
(Links to External Site)
|
Updated: Jun 6 2011
|
Original Entry Date: Mar 15 2011
|
Impact:
Host/resource access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 5.5.x, 6.0.x, 6.1.x
|
Description:
A vulnerability was reported in RSA Access Manager. A remote user can access protected resources.
A remote user can exploit an input handling flaw to gain access to ostensibly protected resources.
|
Impact:
A remote user can access protected resources.
|
Solution:
The vendor has issued the following hotfixes.
Security Hot fix # 5.5.3.174 for RSA Access Manager Server version 5.5.3
Security Hot fix # 6.0.4.60 for RSA Access Manager Server version 6.0.4
Security Hot fix # 6.1.2.08 for RSA Access Manager Server version 6.1.2
Security Hot fix # 6.1.3.05 for RSA Access Manager Server version 6.1.3
|
Vendor URL: www.rsa.com/ (Links to External Site)
|
Cause:
Access control error, Input validation error
|
Underlying OS:
Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (Solaris - SunOS), Windows (2003), Windows (2008)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
