Vulnerability Details CVE-2015-4547
EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.5%
CVSS Severity
CVSS v2 Score 4.0
References
- http://packetstormsecurity.com/files/133779/RSA-Web-Threat-Detection-Privilege-Escalation-Information-Disclosure.html
- http://seclists.org/bugtraq/2015/Sep/134
- http://www.securitytracker.com/id/1033672
- http://packetstormsecurity.com/files/133779/RSA-Web-Threat-Detection-Privilege-Escalation-Information-Disclosure.html
- http://seclists.org/bugtraq/2015/Sep/134
- http://www.securitytracker.com/id/1033672
Products affected by CVE-2015-4547
-
cpe:2.3:a:rsa:web_threat_detection:4.0
-
cpe:2.3:a:rsa:web_threat_detection:4.1
-
cpe:2.3:a:rsa:web_threat_detection:4.6
-
cpe:2.3:a:rsa:web_threat_detection:4.6.1.0
-
cpe:2.3:a:rsa:web_threat_detection:4.6.1.1
-
cpe:2.3:a:rsa:web_threat_detection:5.0
-
cpe:2.3:a:rsa:web_threat_detection:5.1