On November 12, 2019, Intel shared information about a new mechanism, similar to Microarchitectural Data Sampling (MDS) referred to as “TAA” (Transactional Synchronization Extensions (TSX) Asynchronous Abort). This mechanism affects CPUs that support TSX and the mitigations include additional means to clear buffers in software or disable TSX for those customers who do not use this functionality. RSA is working closely with Intel to release security updates to address this vulnerability and help customers ensure the security of the data and systems. RSA urges customers to review this article for impact on RSA products.
For information on other Dell products, refer to:
RSA is assessing impact and this article will be updated with the remediation status for any RSA product that is impacted by these vulnerabilities.
|RSA Product Name||Versions||Impacted?||Details||Last Updated|
|RSA Authentication Manager (Hardware Appliance)||All||Not Impacted||It is a single-user, root-user-only appliance. This issue does not introduce any additional security risk to a customer's environment, provided the recommended best practices to protect the access of highly privileged accounts are followed.||2019-11-12|
|RSA Identity Governance & Lifecycle (Hardware Appliance)||7.1.1, 7.1.0, 7.0.x||Impacted||Remediation pending availability of Dell PowerEdge BIOS updates.||2019-11-12|
|RSA NetWitness Logs and Network (Hardware Appliance)||11.x, 10.x||Impacted||Remediation pending availability of Dell PowerEdge BIOS updates.||2019-11-12|