CVE-2017-8006

Summary

In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN. The malicious user could potentially reset the compromised PIN to affect victim's ability to obtain access to protected resources.

Affected Software

VendorProductVersion RangeStatus
n/aRSA Authentication Manager 8.2 SP1 Patch 1 and earlierRSA Authentication Manager 8.2 SP1 Patch 1 and earlieraffected

Weaknesses

  • Brute Force PIN-Guessing Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References