Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Authentication Agent For Web Security Vulnerabilities

cve
cve

CVE-2005-1118

Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.

5.6AI Score

0.006EPSS

2005-04-16 04:00 AM
27
cve
cve

CVE-2005-3329

Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation.

5.8AI Score

0.01EPSS

2005-10-27 10:02 AM
23
cve
cve

CVE-2005-4734

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.

8AI Score

0.371EPSS

2006-03-19 11:00 PM
29
cve
cve

CVE-2010-3261

Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors.

6.8AI Score

0.004EPSS

2010-09-24 07:00 PM
25
cve
cve

CVE-2017-14377

EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.

9.8CVSS

9.6AI Score

0.006EPSS

2017-11-29 06:29 PM
31
cve
cve

CVE-2018-1232

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authenticatio...

7.5CVSS

7.7AI Score

0.001EPSS

2018-03-30 09:29 PM
53
cve
cve

CVE-2018-1233

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of...

6.1CVSS

6.5AI Score

0.001EPSS

2018-03-30 09:29 PM
56
cve
cve

CVE-2018-1234

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to...

5.5CVSS

6.3AI Score

0.0004EPSS

2018-03-30 09:29 PM
53