Lucene search

PRIOn knowledge basePRION:CVE-2013-0941

HistoryMay 22, 2013 - 1:29 p.m.

Input validation

2013-05-2213:29:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.

CPENameOperatorVersion
authentication_agentle6.1.3
authentication_apile8.1
pluggable_authentication_module_agentle6.0
securid_web_agentle5.3.4
securid_web_agentle5.3.4

Name	Operator	Version
authentication_agent	le	6.1.3
authentication_api	le	8.1
pluggable_authentication_module_agent	le	6.0
securid_web_agent	le	5.3.4
securid_web_agent	le	5.3.4

References

archives.neohapsis.com/archives/bugtraq/2013-05/0064.html

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2013-0941