Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-2733
HistoryAug 18, 2011 - 11:55 p.m.

CVE-2011-2733

2011-08-1823:55:00
CWE-287
[email protected]
web.nvd.nist.gov
7

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:C/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

72.7%

JSON

EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information.

Affected configurations

Nvd
Node
emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch2
OR
emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp1_patch3
OR
emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2
OR
emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp2_patch1
OR
emcrsa_adaptive_authentication_on-premiseMatch6.0.2.1sp3
VendorProductVersionCPE
emcrsa_adaptive_authentication_on-premise6.0.2.1cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch2:*:*:*:*:*:*
emcrsa_adaptive_authentication_on-premise6.0.2.1cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp1_patch3:*:*:*:*:*:*
emcrsa_adaptive_authentication_on-premise6.0.2.1cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2:*:*:*:*:*:*
emcrsa_adaptive_authentication_on-premise6.0.2.1cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp2_patch1:*:*:*:*:*:*
emcrsa_adaptive_authentication_on-premise6.0.2.1cpe:2.3:a:emc:rsa_adaptive_authentication_on-premise:6.0.2.1:sp3:*:*:*:*:*:*

Related

securityvulns 2
cvelist 1
prion 1
cve 1
securityvulns
securityvulns
ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)
2011-08-17 00:00:00
EMC RSA Adaptive Authentication authentication data reuse (On-Premise)
2011-08-17 00:00:00
cvelist
cvelist
CVE-2011-2733
2011-08-18 23:00:00
prion
prion
Authentication flaw
2011-08-18 23:55:00
cve
cve
CVE-2011-2733
2011-08-18 23:55:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:C/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

72.7%

JSON
Related for NVD:CVE-2011-2733
securityvulns2cvelist1prion1cve1