CVE-2012-2281
Published Jul 5, 2012
Last updated 12 years ago
Overview
- Description
- EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.
- Source
- security_alert@emc.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.2
- Vector string
- AV:A/AC:H/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-287
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsa:access_manager_agent:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA7DAF54-2358-47E1-A53F-346015547C1A"
},
{
"criteria": "cpe:2.3:a:rsa:access_manager_server:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF7733DA-50FD-4688-B981-4F77D734F639"
},
{
"criteria": "cpe:2.3:a:rsa:access_manager_server:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C5BA71D-0AF8-4530-ADF1-DB4DA8C47D9B"
},
{
"criteria": "cpe:2.3:a:rsa:access_manager_server:6.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7912021C-02E3-492E-B269-8E0C839D93C8"
},
{
"criteria": "cpe:2.3:a:rsa:access_manager_server:6.1:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04B01065-FD70-47E8-A094-4A6F87852198"
},
{
"criteria": "cpe:2.3:a:rsa:access_manager_server:6.1:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "372FCAE3-0A73-4EFB-B2CD-271FDBC8F405"
}
],
"operator": "OR"
}
]
}
]