RSA Authentication Manager 8.9 – Spring Framework-Related Vulnerabilities
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.9.x
CVE Identifier(s)
Article Summary
RSA Authentication Manager – Spring Framework CVE Assessment
| CVE | Reference | Component | Impact Assessment / RSA Response |
| CVE-2016-1000027 | https://nvd.nist.gov/vuln/detail/CVE-2016-1000027 | spring-web 5.3.39 | RSA Authentication Manager uses the readRemoteInvocation function from Spring’s HttpInvokerServiceExporter, which could potentially allow deserialization of untrusted objects if exposed to untrusted clients. However, access to this service is restricted to trusted and authenticated clients only. Therefore, the product is not exposed and there is no impact. |
| CVE-2025-41249 | https://nvd.nist.gov/vuln/detail/CVE-2025-41249 | spring-core 5.3.31, 5.3.39 | RSA Authentication Manager is not affected because it does not use Spring Security’s @EnableMethodSecurity feature. |
| CVE-2024-38819 | https://nvd.nist.gov/vuln/detail/CVE-2024-38819 | spring-webmvc 5.3.30 | RSA Authentication Manager is not vulnerable because it does not use WebMvc.fn or WebFlux.fn functional web frameworks. |
| CVE-2024-38816 | https://nvd.nist.gov/vuln/detail/CVE-2024-38816 | spring-webmvc 5.3.30 | RSA Authentication Manager is not vulnerable because it does not use WebMvc.fn or WebFlux.fn functional web frameworks. |
Notes
Disclaimer
Related Articles
Spring-related vulnerabilities for RSA Authentication Manager 169Number of Views SecurID® Authentication Manager 8.7 Known Issues 198Number of Views KCA Apache web server showing security vulnerability with scan due patch level/version 50Number of Views Advisory regarding vulnerabilities reported by Oracle Java CVEs for applications running untrusted code 182Number of Views Bash bug Vulnerability (Shellshock) in RSA products 1.31KNumber of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?