SUSE Security Vulnerability | CVE: CVE-2023-38546
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Conditions: 8.7 SP2
CVE Identifier(s)
Article Summary
CVE: CVE-2023-38546:
- The version of libcurl installed on the remote host is affected by a cookie injection vulnerability. This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met.
- Current AM version : libcurl4-7.66.0-150200.4.57.1
- SUSE score : 4.5
- https://www.suse.com/security/cve/CVE-2023-38546.html
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
Resolution
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
- SUSE did not release a fix for this issue, RSA is waiting for a fix from SUSE and no we have no workaround except waiting for a fix from SUSE
Disclaimer
Related Articles
Speculative Execution Side-Channel Vulnerabilities (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646): Impact on RSA products Number of Views Infineon Trusted Platform Module (TPM) Vulnerability (CVE-2017-15361) Impact on RSA Products Number of Views Apache Common Library InvokerTransformer Vulnerability (CVE-2015-4852 & CVE-2015-6420) in RSA Access Manager 6.x - False P… Number of Views RSA Customer Advisory: Spring Framework Spring4Shell Vulnerabilities CVE-2022-22965 CVE-2022-22950 CVE-2022-22963 Number of Views Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on RSA products Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA Authentication Manager Patch Updates How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
