SUSE Security Vulnerability | CVE: CVE-2023-38546
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Conditions: 8.7 SP2
CVE Identifier(s)
Article Summary
CVE: CVE-2023-38546:
- The version of libcurl installed on the remote host is affected by a cookie injection vulnerability. This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met.
- Current AM version : libcurl4-7.66.0-150200.4.57.1
- SUSE score : 4.5
- https://www.suse.com/security/cve/CVE-2023-38546.html
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
Resolution
- SUSE Linux Enterprise Server 15 SP3 and LTSS are effected. There is no update available in the SUSE repo yet.
- SUSE did not release a fix for this issue, RSA is waiting for a fix from SUSE and no we have no workaround except waiting for a fix from SUSE
Disclaimer
Related Articles
Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on RSA products Number of Views Unable to display Thai characters in PDF report Number of Views RSA Customer Advisory: Spring Framework Spring4Shell Vulnerabilities CVE-2022-22965 CVE-2022-22950 CVE-2022-22963 Number of Views Speculative Execution Side-Channel Vulnerabilities (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646): Impact on RSA products Number of Views SA: UI fails to load due to wrong version of Java being installed Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide How to Download OTP Token Seed Files from myRSA RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
