CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
67.7%
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
rsa | access_manager_agent | * | cpe:2.3:a:rsa:access_manager_agent:*:*:*:*:*:*:*:* |
rsa | access_manager_server | 6.0 | cpe:2.3:a:rsa:access_manager_server:6.0:*:*:*:*:*:*:* |
rsa | access_manager_server | 6.1 | cpe:2.3:a:rsa:access_manager_server:6.1:*:*:*:*:*:*:* |
rsa | access_manager_server | 6.1 | cpe:2.3:a:rsa:access_manager_server:6.1:sp1:*:*:*:*:*:* |
rsa | access_manager_server | 6.1 | cpe:2.3:a:rsa:access_manager_server:6.1:sp2:*:*:*:*:*:* |
rsa | access_manager_server | 6.1 | cpe:2.3:a:rsa:access_manager_server:6.1:sp3:*:*:*:*:*:* |