Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-2287
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 8.5/10
- Exploit Score
- 6.8/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- Single
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:emc:rsa_authentication_agent:7.1:*:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:a:emc:rsa_authentication_client:3.5:*:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:* |
No
|
- |