Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2287

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2012-2287
Last Modified 21 Mar 2013 11:10:16
Published 25 Sep 2012 07:07:46
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-2287

Summary

The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host.

Vulnerable Systems

Application

  • Emc Rsa Authentication Agent 7.1

  • Emc Rsa Authentication Client 3.5


References

BUGTRAQ - 20120920 ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability

XF - rsa-authentication-security-bypass(78802)

BID - 55662


Last Updated: 27 May 2016 10:47:25