CVE-2010-3321

Name of the Vulnerable Software and Affected Versions RSA Authentication Client versions 2.0.x through 3.5.x before 3.5.3

Description The issue allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests, due to improper handling of a SENSITIVE or NON-EXTRACTABLE tag on a secret key object stored on a SecurID 800 authenticator.

Recommendations For versions 2.0.x through 3.5.x before 3.5.3, update to version 3.5.3 or later to resolve the issue.