Lucene search
MitreCVE-2008-6886HistoryAug 03, 2009 - 2:30 p.m.
CVE-2008-6886
2009-08-0314:30:00
CWE-264
mitre
web.nvd.nist.gov
33
cve-2008-6886
rsa envision
access restriction
administrator password
brute force
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0.006
Percentile
79.0%
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing attacks.
Affected configurations
Node
rsaenvisionMatch3.5.0
ORrsaenvisionMatch3.5.1
ORrsaenvisionMatch3.5.2
ORrsaenvisionMatch3.7.0
Related
cvelist
cvelist
CVE-2008-6886
2009-08-03 14:00:00
nvd
nvd
CVE-2008-6886
2009-08-03 14:30:00
prion
prion
Design/Logic Flaw
2009-08-03 14:30:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0.006
Percentile
79.0%
Related for CVE-2008-6886