Users of The Security Division of EMC products, please be advised of a fix for a vulnerability that has been identified in RSA(R) Federated Identity Manager.
To view this vulnerability, possible remedies, and others, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).
Amplify’d from www.criticalwatch.com
ESA-2010-011: fix for vulnerability in RSA(R) Federated Identity Manager
The Security Division of EMC
Description:
CVE Identifier: CVE-2010-2337
CVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
RSA Federated Identity Manager 4.0 and 4.1 versions contain a potential
arbitrary URL redirection vulnerability that may be exploited by
malicious people to bypass certain security restrictions.
The security hot fix for RSA Federated Identity Manager, available
immediately, is designed to address this potential issue. As of the date
of this RSA SecurCare(r) Online Security Advisory, RSA is not aware of
any security breaches that have occurred as a result of this
vulnerability.