CVE-2013-3273

EUVD-2013-3210
EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
emcrsa_authentication_manager
7.1
emcrsa_authentication_manager
7.1:sp2
emcrsa_authentication_manager
7.1:sp3
emcrsa_authentication_manager
8.0:p1
rsaauthentication_manager
7.1:sp1
rsaauthentication_manager
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html
http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html