EMC RSA Authentication Manager < 8.2 SP1 Patch 7 Security Console Unspecified Blind SQL Injection (ESA-2018-002)
Medium Nessus Plugin ID 106562
SynopsisAn application running on the remote host is affected by an unspecifed blind SQL injection vulnerability.
DescriptionThe version of EMC RSA Authentication Manager running on the remote host is prior to 8.2 SP1 Patch 7 (188.8.131.52). It is, therefore, affected by a blind SQL injection vulnerability in the Security Console that allows authenticated users to read any unencrypted data from the database.
SolutionUpgrade to EMC RSA Authentication Manager version 8.2 SP1 Patch 7 (184.108.40.206) or later.