{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"RSA Access Manager Server version 5.5.3 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RSA Access Manager Server version 6.1.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"RSA Access Manager Server version 6.0.4 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne personne malveillante peut exploiter une vuln\u00e9rabilit\u00e9 dans RSA\nAccess Manager Server et son syst\u00e8me de mise \u00e0 jour de cache pour\ncontourner la politique de s\u00e9curit\u00e9 et obtenir l'acc\u00e8s \u00e0 des ressources\nprot\u00e9g\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-3018","url":"https://www.cve.org/CVERecord?id=CVE-2010-3018"}],"links":[],"reference":"CERTA-2010-AVI-424","revisions":[{"description":"version initiale.","revision_date":"2010-09-09T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans <span class=\"textit\">RSA Access Manager\nServer</span> permet \u00e0 un attaquant de contourner certaines restrictions\ndans la politique de s\u00e9curit\u00e9.\n","title":"Vuln\u00e9rabilit\u00e9 dans RSA Access Manager Server","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 RSA ESA-2010-014 du 08 Septembre 2010","url":"http://archives.neohapsis.com/archives/bugtraq/2010-09/0056.html"}]}