RSA Authentication Manager SQL Injection Vulnerability [CVE-2017-15546]

A vulnerability in RSA Authentication Manager could allow an authenticated, remote attacker to conduct a SQL injection attack on a targeted system.

The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by submitting crafted parameter values to a targeted system. A successful exploit could allow the attacker to execute SQL commands on the database associated with the affected software, which could lead to additional attacks.

RSA has confirmed the vulnerability and released software updates.

CVE Number – CVE-2017-15546

Analysis
  • To exploit this vulnerability, the attacker must authenticate to the affected software and may need access to trusted or internal networks. These access requirements could reduce the likelihood of a successful exploit.
Safeguards
  • Administrators are advised to apply the appropriate updates.
  • Administrators are advised to allow only trusted users to have network access.
  • Administrators are advised to monitor affected systems.
  • For additional information about SQL injection attacks and defenses, see Understanding SQL Injection.
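The advisory describes the root cause as insufficient validation of user-supplied input, and lists parameter hardening and monitoring among the safeguards. The following Python example (added here; it is not RSA's code and says nothing about how RSA Authentication Manager actually builds its queries) shows the general pattern against an in-memory SQLite table with constructed sample rows: a lookup that concatenates a parameter value into SQL, the same lookup rewritten with a bound parameter, and a small heuristic of the kind a log-monitoring rule might use. The table, column names and the `nobody` crafted value are all constructed for the demonstration.

```python
import sqlite3

# Constructed sample data, not from the advisory: a minimal user table
# standing in for whatever table the affected product queries.
SAMPLE_USERS = [
    ("alice", "ops"),
    ("bob", "admin"),
]


def build_db():
    """Create an in-memory SQLite database seeded with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, name):
    """Build the query by string concatenation, so the parameter value
    becomes part of the SQL grammar instead of staying plain data.
    This is the insufficient-validation pattern the advisory describes."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Same lookup with a bound parameter: the driver sends the value
    separately from the statement text, so it can never alter the query."""
    sql = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def looks_like_injection(value):
    """Cheap request-log heuristic for the 'monitor affected systems'
    safeguard: flag parameter values carrying SQL string delimiters or
    comment markers. It complements parameterized queries, never replaces
    them, and will produce false positives on legitimate apostrophes."""
    markers = ("'", "--", "/*", ";")
    return any(m in value for m in markers)


if __name__ == "__main__":
    db = build_db()
    crafted = "nobody' OR '1'='1"  # constructed crafted parameter value
    print(lookup_vulnerable(db, crafted))     # every row comes back
    print(lookup_parameterized(db, crafted))  # no row matches the literal
    print(looks_like_injection(crafted))      # flagged for review
```

The contrast is the whole point: with concatenation the crafted value changes the WHERE clause and the query returns every row, while the parameterized form treats the same bytes as one opaque string and matches nothing. Input validation alone is a weaker control than binding parameters, which is why patching and query hygiene come first in the safeguards list.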

Vendor Announcements
  • RSA has released a security advisory at the following link: ESA-2018-002
Fixed Software
Affected Products
  • The security vulnerability applies to the following combinations of products:
    RSA Authentication Manager – 8.2 (SP1, SP1 P4, SP1 P6)

Duncan Newell

Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.
