U-205: RSA Access Manager Session Replay Flaw Lets Remote Users Access the System

July 5, 2012 - 7:02am

PROBLEM:

RSA Access Manager Session Replay Flaw Lets Remote Users Access the System

PLATFORM:

Version(s): Server version 6.0.x, 6.1, 6.1 SP1, 6.1 SP2, 6.1 SP3; all Agent versions

ABSTRACT:

A vulnerability was reported in RSA Access Manager. A remote user can gain access to the target system.

REFERENCE LINKS:

SecurityFocus ESA-2012-026
SecurityTracker Alert ID: 1027220
CVE-2012-2281
RSA SecurCare Online

IMPACT ASSESSMENT:

Medium

Discussion:

RSA Access Manager contains a vulnerability that can be potentially exploited by a malicious user to replay the session with compromised session tokens. This is due to improper invalidation of session tokens after a user logs out from a protected resource.

Impact:

A remote user can exploit a flaw in the logout process and replay session credentials to gain access to the target system.
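The Discussion and Impact sections above describe the bug class: logout clears the browser's cookie but the server keeps honouring the old token, so a previously captured token still authenticates. The following toy session store is an added illustration, not RSA Access Manager code; the store, its 15-minute TTL and the user name are constructed, and the replay check is the regression test a defender would run to confirm that logout really revokes the token server-side.

```python
"""Toy server-side session store in two variants (constructed example, not RSA code).

weak:     logout only tells the client to drop its cookie; server state is untouched,
          so a token captured before logout keeps working until it expires.
hardened: logout also revokes the token server-side, so replay after logout fails.
"""
import secrets
import time

SESSION_TTL = 900  # constructed value: 15-minute session lifetime


class SessionStore:
    def __init__(self, revoke_on_logout: bool):
        self.revoke_on_logout = revoke_on_logout
        self._sessions = {}    # token -> (user, expiry timestamp)
        self._revoked = set()  # tokens explicitly killed by logout (denylist)

    def login(self, user: str) -> str:
        """Issue a fresh, unguessable token bound to this user."""
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (user, time.time() + SESSION_TTL)
        return token

    def logout(self, token: str) -> None:
        """Weak variant does nothing server-side: the cookie is gone from the browser
        but the token is still valid. Hardened variant removes the session and records
        the token as revoked so it can never be accepted again."""
        if self.revoke_on_logout:
            self._sessions.pop(token, None)
            self._revoked.add(token)

    def authenticate(self, token: str):
        """Return the user for a live token, or None for revoked/expired/unknown tokens."""
        if token in self._revoked:
            return None
        entry = self._sessions.get(token)
        if entry is None or entry[1] < time.time():
            self._sessions.pop(token, None)
            return None
        return entry[0]


def replay_after_logout(store: SessionStore) -> bool:
    """Regression check: does a token recorded before logout still authenticate afterwards?
    True means the store is vulnerable to the replay described in the advisory."""
    token = store.login("alice")
    recorded = token          # the value a protected resource saw in the request
    store.logout(token)       # user logs out of the protected resource
    return store.authenticate(recorded) is not None
```

Running `replay_after_logout` against both variants shows the weak store still accepts the old token while the hardened store rejects it.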

Solution:

To mitigate this vulnerability, RSA strongly recommends that all customers upgrade to RSA Access Manager 6.1 Service Pack 4 or apply the following security hot fixes, at the earliest opportunity. In addition, all supported RSA Access Manager Agents require configuration changes as documented in release notes and readme files.

For RSA Access Manager Server version 6.0.x, upgrade to Service Pack 4 and then apply the security hot fix # AxM HF 6.0.4.64
For RSA Access Manager Server version 6.0.4, apply security hot fix # AxM HF 6.0.4.64
For RSA Access Manager Server version 6.1, upgrade to Service Pack 3 and then apply security hot fix # AxM HF 6.1.3.30
For RSA Access Manager Server version 6.1 Service Pack 1, upgrade to Service Pack 3 and then apply security hot fix # AxM HF 6.1.3.30
For RSA Access Manager Server version 6.1 Service Pack 2, upgrade to Service Pack 3 and then apply security hot fix # AxM HF 6.1.3.30
For RSA Access Manager Server version 6.1 Service Pack 3, apply security hot fix # AxM HF 6.1.3.30
The hot fixes can be downloaded from SecurCare Online or by contacting RSA Security Customer Support.

To obtain the latest RSA product downloads, log on to RSA SecurCare Online and click Products in the top navigation menu. Select the specific product whose download you want to obtain. Scroll to the section for the product download that you want and click on the link.