SUSE Security Vulnerability | CVE: CVE-2023-38546
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Conditions: 8.7 SP2
CVE Identifier(s)
Article Summary
CVE: CVE-2023-38546:
- The version of libcurl installed on the remote host is affected by a cookie injection vulnerability. This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met.
- Current AM version : libcurl4-7.66.0-150200.4.57.1
- SUSE score : 4.5
- https://www.suse.com/security/cve/CVE-2023-38546.html
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
Resolution
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
- SUSE did not release a fix for this issue, RSA is waiting for a fix from SUSE and no we have no workaround except waiting for a fix from SUSE
Disclaimer
Related Articles
Does CVS cache CRLs? in RSA Certificate Verification Server 1.0 Number of Views How to create custom folders for reports Number of Views Apache Common Library InvokerTransformer Vulnerability (CVE-2015-4852 & CVE-2015-6420) in RSA Access Manager 6.x - False P… Number of Views Speculative Execution Side-Channel Vulnerabilities (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646): Impact on RSA products Number of Views Response to OpenSSH Vulnerabilities on RSA Authentication Manager 8.8 - CVE-2023-51385, CVE-2023-51767, CVE-2023-51384 Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
