Lucene search

MitreCVE-2011-4141

HistoryDec 17, 2011 - 3:54 a.m.

CVE-2011-4141

2011-12-1703:54:45

mitre

web.nvd.nist.gov

emc

rsa

securid

software token

vulnerability

privilege escalation

cve-2011-4141

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

37.3%

JSON

Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file.

Affected configurations

Nvd

Node

rsasecuridMatch4.1

rsasecuridMatch4.1.0.545

VendorProductVersionCPE
rsasecurid4.1.0.545cpe:/h:rsa:securid:4.1.0.545:::
rsasecurid4.1cpe:/h:rsa:securid:4.1:::

Vendor	Product	Version	CPE
rsa	securid	4.1.0.545	cpe:/h:rsa:securid:4.1.0.545:::
rsa	securid	4.1	cpe:/h:rsa:securid:4.1:::

References

archives.neohapsis.com/archives/bugtraq/2011-12/0089.html

secunia.com/advisories/45665

securitytracker.com/id?1026426

exchange.xforce.ibmcloud.com/vulnerabilities/71833

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

37.3%

JSON

Related for CVE-2011-4141