PT-2012-3920 · Emc · Emc Rsa Access Manager Agent+1
Publicado
2012-07-05
·
Atualizado
2013-03-22
·
CVE-2012-2281
CVSS v2.0
6.8
Média
| Vetor | AV:A/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EMC RSA Access Manager Server versions prior to 6.1 SP4
EMC RSA Access Manager Agent (affected versions not specified)
Description
The issue is related to improper validation of session tokens after a logout, which could allow remote attackers to conduct replay attacks.
Recommendations
For EMC RSA Access Manager Server versions prior to 6.1 SP4, update to version 6.1 SP4 or later.
For EMC RSA Access Manager Agent, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emc Rsa Access Manager Agent
Emc Rsa Access Manager Server