Description
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.
Vulnerable configurations
Configuration 1
One of
cpe:2.3:a:rsa:access_manager_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:rsa:access_manager_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:rsa:access_manager_server:6.1:*:*:*:*:*:*:*
cpe:2.3:a:rsa:access_manager_server:6.1:sp1:*:*:*:*:*:*
cpe:2.3:a:rsa:access_manager_server:6.1:sp2:*:*:*:*:*:*
cpe:2.3:a:rsa:access_manager_server:6.1:sp3:*:*:*:*:*:*
EPSS
Percentile: 55%
0.00326
Low
6.8 Medium
CVSS2
Weaknesses
CWE-287
Related vulnerabilities
github
more than 3 years ago
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.