SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Security)  >   RSA Authentication Manager
Vendors:   RSA
RSA Authentication Manager Bugs Let Remote Users Inject HTTP Headers and Remote Authenticated Users Conduct XML External Entity Attacks
SecurityTracker Alert ID:  1040835
SecurityTracker URL:  http://securitytracker.com/id/1040835
CVE Reference:   CVE-2018-1247, CVE-2018-1248
Date:  May 4 2018
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 8.3 P1
Description:   Two vulnerabilities were reported in RSA Authentication Manager. A remote user can conduct HTTP header injection attacks. A remote authenticated user can conduct XML external entity attacks to obtain files on the target system.

A remote user can create a specially crafted request to inject arbitrary Host header data [CVE-2018-1248]. A remote user can exploit this to poison intermediate web caches and redirect the target user's browser to an arbitrary web site.
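The server-side counterpart to the Host header issue described above is to treat the incoming Host value as untrusted: compare it against a configured allowlist and build any absolute URL (redirect targets, links that a cache may store) from configuration rather than from the request. The following Python is an added example written for this page; it is not RSA's code and is not taken from the advisory. The hostnames, the WSGI-style `environ` dictionary and the helper names are constructed for illustration.

```python
"""Host header allowlisting and canonical redirects (constructed example)."""
import re
from typing import Optional

# Hostnames this deployment answers for; constructed values for the example.
ALLOWED_HOSTS = {"auth.example.com", "auth-admin.example.com"}
CANONICAL_BASE = "https://auth.example.com"

# One DNS label: 1-63 chars, letters/digits/hyphens, no leading/trailing hyphen.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
# host[:port]; brackets, '@', '/', spaces and other URL syntax are all refused.
_HOST_RE = re.compile(rf"^(?:{_LABEL}\.)*{_LABEL}(?::\d{{1,5}})?$")


def host_is_allowed(host_header: Optional[str], allowed=ALLOWED_HOSTS) -> bool:
    """Return True only if the Host header names one of our configured hostnames."""
    if not host_header:
        return False
    h = host_header.strip().lower()
    if not _HOST_RE.fullmatch(h):
        return False
    hostname = h.split(":")[0]          # regex guarantees at most one colon
    return hostname in allowed


def canonical_redirect(path: str, canonical_base: str = CANONICAL_BASE) -> str:
    """Build an absolute URL from configuration, never from the request's Host.

    Protocol-relative ("//other.host/...") and non-rooted targets are collapsed
    to "/" so the helper cannot be turned into an open redirect either.
    """
    if not path.startswith("/") or path.startswith("//"):
        path = "/"
    return canonical_base + path


def handle(environ: dict) -> tuple:
    """Minimal WSGI-style handler: 400 on a bad Host, else redirect canonically."""
    if not host_is_allowed(environ.get("HTTP_HOST")):
        return 400, {"Content-Type": "text/plain"}, b"invalid Host header\n"
    location = canonical_redirect(environ.get("PATH_INFO", "/"))
    return 302, {"Location": location}, b""


if __name__ == "__main__":
    # Constructed requests: one legitimate, one carrying an unexpected Host.
    for env in ({"HTTP_HOST": "auth.example.com:443", "PATH_INFO": "/console"},
                {"HTTP_HOST": "cache-poison.example.net", "PATH_INFO": "/console"}):
        status, headers, _ = handle(env)
        print(env["HTTP_HOST"], "->", status, headers)
```

Rejecting with 400 rather than silently rewriting the header matters for the cache-poisoning case: an intermediate cache should never receive a cacheable response generated from an unexpected Host value in the first place.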

A remote authenticated admin user can supply specially crafted XML External Entity (XXE) data to the target interface to read files on the target system with the privileges of the target service or cause denial of service conditions [CVE-2018-1247].
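For the XXE issue, the defensive rule a practitioner wants is simple: an interface that accepts XML from clients should refuse any document that carries a DTD, since both external entities (file disclosure) and recursive entity expansion (denial of service) can only be declared there. The Python below is an added example, not code from RSA or from this advisory; it uses the standard library's expat binding to reject a DOCTYPE before the document is handed to ElementTree, and the sample documents are constructed for the demonstration.

```python
"""Parsing client-supplied XML without DTD processing (constructed example)."""
import xml.etree.ElementTree as ET
import xml.parsers.expat


class DoctypeRejected(ValueError):
    """Raised when a document carries a DTD; entities can only be declared in one."""


def _on_doctype(name, sysid, pubid, has_internal_subset):
    # Called by expat at the start of any <!DOCTYPE ...> declaration. Refusing
    # it up front covers external entities (SYSTEM/PUBLIC ids) and internal
    # subsets with recursive entity definitions alike.
    raise DoctypeRejected(f"DOCTYPE {name!r} refused: DTDs are not accepted")


def assert_no_doctype(data: bytes) -> None:
    """Scan the document with expat and raise if it declares a DTD."""
    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = _on_doctype
    parser.Parse(data, True)        # DoctypeRejected or ExpatError propagate


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Parse XML from a client: DTD-free documents only."""
    assert_no_doctype(data)
    return ET.fromstring(data)


def classify(data: bytes) -> str:
    """Summarise how a document is handled (used by the demo and the checks)."""
    try:
        root = parse_untrusted_xml(data)
    except DoctypeRejected as exc:
        return f"rejected: {exc}"
    except (ET.ParseError, xml.parsers.expat.ExpatError) as exc:
        return f"malformed: {exc}"
    return f"accepted: <{root.tag}>"


# Constructed sample documents; the file path is a placeholder, not a real target.
BENIGN = b'<?xml version="1.0"?><user><name>alice</name></user>'
EXTERNAL_ENTITY = (b'<?xml version="1.0"?>'
                   b'<!DOCTYPE user [<!ENTITY ext SYSTEM "file:///constructed/placeholder">]>'
                   b'<user>&ext;</user>')
RECURSIVE_ENTITY = (b'<!DOCTYPE d [<!ENTITY a "aaaa"><!ENTITY b "&a;&a;&a;&a;">]>'
                    b'<d>&b;</d>')

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN),
                       ("external entity", EXTERNAL_ENTITY),
                       ("recursive entity", RECURSIVE_ENTITY)):
        print(f"{label:17s} {classify(doc)}")
```

The pre-scan costs one extra pass over the input, which is cheap compared with resolving entities; the same DOCTYPE rejection can be done in any parser that exposes a DTD-start callback, and where a schema legitimately requires a DTD the alternative is to disable external entity resolution and cap entity expansion instead of accepting the default behaviour.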

Mantas Juskauskas from SEC Consult Vulnerability reported one of these vulnerabilities.

Impact:   A remote user can create a URL that, when loaded by the target user, will redirect the target user's browser to an arbitrary web site.

A remote user may be able to poison any intermediate web caches with arbitrary content.

A remote authenticated admin user can read files on the target system with the privileges of the target service.

A remote authenticated admin user can cause denial of service conditions on the target system.

Solution:   The vendor has issued a fix (8.3 P1; Advisory DSA-2018-086).
Vendor URL:  www.dell.com/
Cause:   Access control error, Input validation error

Message History:   None.











Copyright 2019, SecurityGlobal.net LLC