Lucene search
K
RsaAuthentication Agent For Web

8 matches found

CVE
CVE
added 2018/03/30 9:0 p.m.92 views

CVE-2018-1233

RSA Authentication Agent for Web for IIS and for Apache Web Server (versions 8.0.1 and earlier) are affected by a cross-site scripting (CVE-2018-1233) vulnerability that could allow an attacker to execute arbitrary HTML/JavaScript in a user’s browser session. Public details in multiple sources de...

6.1CVSS6.5AI score0.01071EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.91 views

CVE-2018-1234

CVE-2018-1234 affects RSA Authentication Agent for Web for IIS versions 8.0.1 and earlier. The root cause is insufficient ACL protections on a Windows Named Pipe, allowing a local attacker to read configuration properties of the authentication agent. Exploitation requires local access; no remote ...

5.5CVSS6.3AI score0.00461EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.87 views

CVE-2018-1232

CVE-2018-1232 affects RSA Authentication Agent for Web (IIS and Apache) up to version 8.0.1, vulnerable to a stack-based buffer overflow when processing certain malformed web cookies. This can crash the authentication agent, causing a denial of service. Other sources reiterate similar vulnerabili...

7.5CVSS7.7AI score0.0282EPSS
CVE
CVE
added 2005/04/16 4:0 a.m.75 views

CVE-2005-1118

CVE-2005-1118 describes a cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll of the RSA Authentication Agent for Web 5.2. The flaw allows remote attackers to inject arbitrary web script or HTML via the postdata parameter. The CVE entry lists the affected product as RSA Authentication A...

4.3CVSS5.6AI score0.02508EPSS
CVE
CVE
added 2017/11/29 6:0 p.m.64 views

CVE-2017-14377

Summary: CVE-2017-14377 affects EMC RSA Authentication Agent for Web for Apache Web Server 8.0 and 8.0.1 prior to Build 618. A remote authentication bypass vulnerability is described; the exact exploit path is not detailed in the provided documents. The Nessus entry also notes an unspecified auth...

9.8CVSS9.6AI score0.03033EPSS
CVE
CVE
added 2006/03/19 11:0 p.m.59 views

CVE-2005-4734

CVE-2005-4734 describes a stack-based buffer overflow in IISWebAgentIF.dll of the RSA Authentication Agent for Web (SecurID Web Agent) for IIS. A long url parameter in the Redirect method can allow remote attackers to execute arbitrary code. Affected are RSA SecurID Web Agent for IIS versions 5.2...

6.4CVSS8AI score0.54485EPSS
Web
CVE
CVE
added 2005/10/27 4:0 a.m.54 views

CVE-2005-3329

CVE-2005-3329 is an XSS vulnerability in RSA Authentication Agent for Web 5.3 and earlier that allows injection of script or HTML via the image parameter in a GetPic operation. Exploitation details in the sources show an advisory and PoC context around XSS in RSA’s web login flow; vendor fix is R...

4.3CVSS5.8AI score0.02214EPSS
Web
CVE
CVE
added 2010/09/24 6:0 p.m.54 views

CVE-2010-3261

The CVE-2010-3261 entry covers a directory traversal in RSA Authentication Agent 7.0 before P2 for Web that could allow remote reading of unspecified data. The exact attack vectors, affected components, and impact details are not disclosed in the provided documents. No remediation or patch inform...

5CVSS6.8AI score0.01634EPSS