Lucene search
DellCVE-2010-3321HistoryOct 07, 2010 - 9:00 p.m.
CVE-2010-3321
2010-10-0721:00:01
CWE-264
dell
web.nvd.nist.gov
25
rsa authentication
cve-2010-3321
securid 800
pkcs#11 api
key security
CVSS2
1.5
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests.
Affected configurations
Node
rsaauthentication_clientMatch2.0
ORrsaauthentication_clientMatch3.0
ORrsaauthentication_clientMatch3.5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rsa | authentication_client | 2.0 | cpe:2.3:a:rsa:authentication_client:2.0:*:*:*:*:*:*:* |
| rsa | authentication_client | 3.0 | cpe:2.3:a:rsa:authentication_client:3.0:*:*:*:*:*:*:* |
| rsa | authentication_client | 3.5.1 | cpe:2.3:a:rsa:authentication_client:3.5.1:*:*:*:*:*:*:* |
Related
securityvulns
securityvulns
RSA Authentication Client information leal
2010-10-11 00:00:00
cvelist
cvelist
CVE-2010-3321
2010-10-07 20:21:00
nvd
nvd
CVE-2010-3321
2010-10-07 21:00:01
prion
prion
Authentication flaw
2010-10-07 21:00:00
CVSS2
1.5
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2010-3321