Lucene search

DellCVE-2012-2279

HistoryJul 13, 2012 - 9:55 p.m.

CVE-2012-2279

2012-07-1321:55:02

CWE-20

dell

web.nvd.nist.gov

cve-2012-2279

open redirect

emc

rsa authentication manager

rsa securid

vulnerability

security

nvd

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

57.7%

JSON

Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Nvd

Node

emcrsa_authentication_managerRange≤7.1sp4

emcrsa_authentication_managerMatch7.0

emcrsa_authentication_managerMatch7.1

emcrsa_authentication_managerMatch7.1sp3

rsaauthentication_managerMatch7.1sp42

Node

rsasecurid_applianceMatch2.0

rsasecurid_applianceMatch2.0.1

rsasecurid_applianceMatch2.0.2

rsasecurid_applianceMatch3.0

rsasecurid_applianceMatch3.0sp2

rsasecurid_applianceMatch3.0sp3

rsasecurid_applianceMatch3.0sp4

VendorProductVersionCPE
emcrsa_authentication_manager*cpe:2.3:a:emc:rsa_authentication_manager:*:sp4:*:*:*:*:*:*
emcrsa_authentication_manager7.0cpe:2.3:a:emc:rsa_authentication_manager:7.0:*:*:*:*:*:*:*
emcrsa_authentication_manager7.1cpe:2.3:a:emc:rsa_authentication_manager:7.1:*:*:*:*:*:*:*
emcrsa_authentication_manager7.1cpe:2.3:a:emc:rsa_authentication_manager:7.1:sp3:*:*:*:*:*:*
rsaauthentication_manager7.1cpe:2.3:a:rsa:authentication_manager:7.1:sp42:*:*:*:*:*:*
rsasecurid_appliance2.0cpe:2.3:a:rsa:securid_appliance:2.0:*:*:*:*:*:*:*
rsasecurid_appliance2.0.1cpe:2.3:a:rsa:securid_appliance:2.0.1:*:*:*:*:*:*:*
rsasecurid_appliance2.0.2cpe:2.3:a:rsa:securid_appliance:2.0.2:*:*:*:*:*:*:*
rsasecurid_appliance3.0cpe:2.3:a:rsa:securid_appliance:3.0:*:*:*:*:*:*:*
rsasecurid_appliance3.0cpe:2.3:a:rsa:securid_appliance:3.0:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	rsa_authentication_manager	*	cpe:2.3:a:emc:rsa_authentication_manager::sp4::::::*
emc	rsa_authentication_manager	7.0	cpe:2.3:a:emc:rsa_authentication_manager:7.0:::::::*
emc	rsa_authentication_manager	7.1	cpe:2.3:a:emc:rsa_authentication_manager:7.1:::::::*
emc	rsa_authentication_manager	7.1	cpe:2.3:a:emc:rsa_authentication_manager:7.1:sp3::::::
rsa	authentication_manager	7.1	cpe:2.3:a:rsa:authentication_manager:7.1:sp42::::::
rsa	securid_appliance	2.0	cpe:2.3:a:rsa:securid_appliance:2.0:::::::*
rsa	securid_appliance	2.0.1	cpe:2.3:a:rsa:securid_appliance:2.0.1:::::::*
rsa	securid_appliance	2.0.2	cpe:2.3:a:rsa:securid_appliance:2.0.2:::::::*
rsa	securid_appliance	3.0	cpe:2.3:a:rsa:securid_appliance:3.0:::::::*
rsa	securid_appliance	3.0	cpe:2.3:a:rsa:securid_appliance:3.0:sp2::::::

Rows per page:

1-10 of 121

References

archives.neohapsis.com/archives/bugtraq/2012-07/0064.html

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

57.7%

JSON

Related for CVE-2012-2279