- Description
- EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:rsa_security_sitekey:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C8C1263-8E82-4D21-B0BC-D521A1099834"
}
],
"operator": "OR"
}
]
}
]