000035893 - Where can I find knowledge base articles relating to security vulnerabilities on RSA Link?

Document created by RSA Customer Support Employee on Jan 5, 2018Last modified by RSA Link Team on Feb 15, 2019
Version 10Show Document
  • View in full screen mode

Article Content

Article Number000035893
Applies ToRSA Product Set: All RSA Products
Platform: RSA Link (community.rsa.com)
IssueI want to know where I can find knowledge base articles on RSA Link that relate to specific security vulnerabilities so that I can know how my RSA products are impacted and what steps must be taken to mitigate the risk.
ResolutionInformation relating to security vulnerabilities is provided by RSA via security advisories and knowledge base articles.  Security advisories are notifications that are published on RSA Link and distributed to all customers and partners with active maintenance contracts for the affected product(s) via email. 

Knowledge base articles, on the other hand, are only published on RSA Link and only those that subscribe to (i.e. "follow") the knowledge base for the product will receive email notifications.  These articles are updated regularly--often multiple times per day when vulnerabilities are first discovered--to provide a real-time status on the impact to RSA products.

Vulnerabilities that have no impact on an RSA product (such as false positives) are published in the regular product knowledge base areas which are publicly accessible without the need to log in to RSA Link.  (For example, the article entitled RSA Security Analytics 10.6.2 OpenSSL vulnerabilities - False Positive is published within the RSA NetWitness Logs & Network Knowledge Base space.)

Articles addressing vulnerabilities that do impact RSA products and require mitigation (or which are still under investigation) are accessible only by customers and partners with active maintenance contracts for the affected product, for obvious security reasons.  Therefore, these articles reside on the restricted RSA Security Advisories (All Products) page.  However, the most recent articles that meet this criteria can still be found on both the Knowledge Base and Security Advisories pages for each product under the Recent Advisory Articles section, as shown in the screenshots below.

The image above shows the Recent Advisory Articles section on the RSA NetWitness Logs & Network Knowledge Base page.
User-added image
The image above shows the Recent Advisory Articles section on the RSA SecurID Access Security Advisories page.

The recent advisory articles can also be found on the RSA Link Knowledge Base page, which can be accessed by clicking on the Support option in the website main menu and then by clicking on the Knowledge Base option on the page menu, as shown below.

User-added image
If you wish to be notified via email whenever one of these advisory articles are published then it is recommended that you subscribe to (i.e. "follow") the RSA Security Advisories (All Products) page and select the "Inbox" option.

User-added image
NotesBecause the advisory articles (also known as "Security KB" articles) are restricted to customers and partners with active maintenance contracts, when viewing a knowledge base page while not logged in a message will be displayed in place of the articles instructing the user to log in, as shown in the screenshot below.

User-added image