exploitDog

CVE-2012-2287

Опубликовано: 25 сент. 2012

Источник: nvd

CVSS2: 8.5

EPSS Низкий

Описание

The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:emc:rsa_authentication_agent:7.1:*:*:*:*:*:*:*

cpe:2.3:a:emc:rsa_authentication_client:3.5:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00228

Низкий

8.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-7j96-r4rj-9xqh

github

больше 3 лет назад

The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host.

EPSS

Процентиль: 45%

0.00228

Низкий

8.5 High

CVSS2

Дефекты

CWE-287