CVE-2012-4611

RSA Adaptive Authentication On-Premise (AAOP) 6.x contains cross-site scripting vulnerabilities (CVE-2012-4611) that could allow an attacker to execute scripts in the context of an authenticated user. The ESA-2012-054 advisory from RSA EMC notes a Base Score of 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) an...

CVE-2012-4611

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Adaptive Authentication On-Premise AAOP before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2286

Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise AAOP 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors...

CVE-2012-2286

CVE-2012-2286 affects RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 prior to SP3 P3. The issue is described as an information disclosure vulnerability that could occur when calling specific components within the application. The connected advisory (ESA-2012-035) notes a fix in SP3 P3 for ...

CVE-2011-2742

EMC RSA Adaptive Authentication On-Premise AAOP 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile...

CVE-2011-2741

EMC RSA Adaptive Authentication On-Premise AAOP 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a 1 previously non-registered device or...

CVE-2011-2742

Summary: CVE-2011-2742 affects EMC RSA Adaptive Authentication On-Premise (AAOP). The issue is that AAOP 6.0.2.1 SP1 Patch 2/3, SP2/SP2 Patch 1, and SP3 does not perform forensic evaluation when device tokens are received from mobile apps, potentially allowing a mobile device to bypass applicatio...

CVE-2011-2741

CVE-2011-2741 affects EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2/3, SP2/SP2 Patch1, and SP3. The issue concerns Device Recovery and Device Identification, where certain data elements from end-user devices may allow bypassing security restrictions for both previously non...

CVE-2011-2733

CVE-2011-2733 affects EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3. Description: the system does not prevent reuse of authentication information within an active session, allowing remote authenticated users to bypass access restrict...

ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication (On-Premise) Flash File Security Patch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication On-Premise Flash File Security Patch Advisories Updated April 14, 2011 Summary: A potential cross-site scripting vulnerability has been identified in RSA...