CVE-2018-15782 HIGH

CVE-2018-15782: DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability

Vendor Dell
Product RSA Authentication Manager
Published January 16, 2019
Last update September 17, 2024

CVSS base score

7.7/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.

Key dates

02Disclosure timeline

January 16, 2019 CVE published
September 17, 2024 Record updated