Authentication Agent For Web
Monthly
RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.