Advisory regarding vulnerabilities reported by Oracle Java CVEs for applications running untrusted code
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
However, a scanner can still detect this vulnerability on RSA Authentication Manager servers, such vulnerabilities are like the Oracle Java SE Multiple Vulnerabilities (January 2023 CPU) Plugin ID: 170161, and this article addresses concerns relating to vulnerabilities with a similar description.
Resolution
This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.The RSA Authentication Manager is a server-side application that loads and runs only trusted code (not code from web applets, web sites, etc). The RSA Authentication Manager is not a client application running untrusted code or relying upon the Java sandbox for security.
Hence any concerns regarding vulnerabilities with the above description are regarded as false positives with RSA Authentication Manager.
Related Articles
Best practices for running vulnerability scans against RSA Authentication Manager 8.x Number of Views How to remediate the impact of the POODLE vulnerability on RSA Endpoint Number of Views RSA ID Plus BlastRADIUS Vulnerability Fix: Frequently Asked Questions Number of Views CERT/CC Vulnerability Note VU#144389: Potential Impact on RSA Products Number of Views Bash bug Vulnerability (Shellshock) in RSA products Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
