CVE-2013-3273

EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
emcrsa_authentication_manager
7.1
emcrsa_authentication_manager
7.1:sp2
emcrsa_authentication_manager
7.1:sp3
emcrsa_authentication_manager
8.0:p1
rsaauthentication_manager
7.1:sp1
rsaauthentication_manager
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html
http://archives.neohapsis.com/archives/bugtraq/2013-07/0046.html