CVE-2017-8006
N/A
N/A
Summary
In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN. The malicious user could potentially reset the compromised PIN to affect victim's ability to obtain access to protected resources.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | RSA Authentication Manager 8.2 SP1 Patch 1 and earlier | RSA Authentication Manager 8.2 SP1 Patch 1 and earlier | affected |
Weaknesses
- Brute Force PIN-Guessing Vulnerability
ADP Enrichment
CVE Program Container
Additional References
- http://seclists.org/fulldisclosure/2017/Jul/23
- http://www.securityfocus.com/bid/99554
- http://www.securitytracker.com/id/1038879
References
- http://seclists.org/fulldisclosure/2017/Jul/23
- http://www.securityfocus.com/bid/99554
- http://www.securitytracker.com/id/1038879
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.