MEDIUM🇬🇧 English

CVE-2018-1234

CVSS 5.5v3.0pub. 2018-03-30upd. 2024-11-21

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Rsa Authentication Agent For Web

    APP
    Rsa
    ≤ 8.0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2017-14377CRITICAL9.8ten sam produkt

EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apac...

CVE-2018-1232HIGH7.5ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by ...

CVE-2018-1233MEDIUM6.1ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by ...

CVE-2010-3261MEDIUM5.0ten sam produkt

Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to...

CVE-2005-4734MEDIUM6.4ten sam produkt

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5...