4 matches found
CVE-2011-2740
EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation...
CVE-2011-2740
CVE-2011-2740 affects EMC RSA Key Manager Appliance 2.7 SP1 prior to 2.7.1.6. When using Firefox 4.x or 5.0, it does not properly terminate a user session on logout, enabling potential remote code execution via an unattended workstation. The NVD lists a high CVSSv2 base score (9.3) with network a...
ESA-2011-001: RSA, The Security Division of EMC, addresses RKM 1.5 C Client SQL Injection Vulnerability
Security Advisory Updated January 13, 2011. Summary: The vulnerability that was identified in the RSA Key Manager (RKM) C client 1.5 which may expose...
CVE-2010-1904
RSA Key Manager (RKM) C Client 1.5.x is vulnerable to SQL injection via the metadata in encrypted data, allowing an attacker to manipulate the KeyTable/config caching data and potentially modify or delete encryption keys. The vulnerability arises from improper validation of metadata during key lo...