[SingCERT] RSA Access Manager Session Replay Flaw Lets Remote Users Access the System

[ Summary ]

RSA has released fixes for RSA Access Manager. A vulnerability was reported in RSA Access Manager whereby a remote user can gain access to the target system by exploiting a flaw in the logout process and replaying session credentials.

[ Affected Products ]

RSA Access Manager Server version 6.0.x, 6.1, 6.1 SP1, 6.1 SP2, 6.1 SP3; all Agent versions


[ Impact Analysis ]

A remote user can gain access to the target system by exploiting a flaw in the logout process and replaying session credentials.

[ Solution/Workaround ]

Updates are available. Please refer to RSA.

[ Reference ]

http://www.securityfocus.com/archive/1/523431/30/0/threaded

https://knowledge.rsasecurity.com