Lucene search

[email protected]NVD:CVE-2011-2742

HistoryDec 14, 2011 - 11:55 a.m.

CVE-2011-2742

2011-12-1411:55:06

CWE-264

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile device.

Affected configurations

NVD

Node

emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch2

emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch3

emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2

emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2_patch1

emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp3

References

www.securityfocus.com/archive/1/520850

www.securitytracker.com/id?1026420

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

Related for NVD:CVE-2011-2742

prion1 cve1 cvelist1 securityvulns2