You are here

U-027: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions

November 4, 2011 - 8:00am

Addthis

PROBLEM:

RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions.

PLATFORM:

RSA Key Manager Appliance 2.7 Service Pack 1

ABSTRACT:

A remote authenticated user session may not terminate properly.

reference LINKS:

SecurityTracker Alert ID: 1026276
SecurityFocus Bug Traq
Seclists: ESA-2011-035
CVE-2011-2740

IMPACT ASSESSMENT:

Medium

Discussion:

A vulnerability was reported in RSA Key Manager Appliance. A remote authenticated user session may not terminate properly. When using Firefox 4 and 5, an authenticated user session is not terminated properly when logging out.

Impact:

A remote authenticated user session may not terminate properly.

Solution:

RSA strongly recommends that all customers on RKM Appliance 2.7 SP1 apply the 2.7.1.6 hotfix, since this hotfix addresses security related fixes, hot fix roll ups, and bug fixes.
To obtain the latest RSA product downloads, log on at RSA SecurCare.

Addthis