CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:C/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
72.7%
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information.
Vendor | Product | Version | CPE |
---|---|---|---|
emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch2:*:*:*:*:*:* |
emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch3:*:*:*:*:*:* |
emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2:*:*:*:*:*:* |
emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2_patch1:*:*:*:*:*:* |
emc | rsa_adaptive_authentication_on-premise | 6.0.2.1 | cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3:*:*:*:*:*:* |