CVE-2010-3261:authentication_agent_for_web: Directory traversal vulnerability in RSA Authentica...

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-3261

authentication_agent_for_web: Directory traversal vulnerability in RSA Authentica...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3261

Original

Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-09-24

Source Information Category:

Advisory, Alert

Last Updated:

2010-09-27

Affected Product Tags

cpe:/a:rsa:authentication_agent_for_web:5.1

cpe:/a:rsa:authentication_agent_for_web:5.1.1

cpe:/a:rsa:authentication_agent_for_web:5.2

cpe:/a:rsa:authentication_agent_for_web:5.3

cpe:/a:rsa:authentication_agent_for_web:7.0 and previous versions

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

BID 43406

BUGTRAQ 20100922 ESA-2010-017: RSA, The Security Division of EMC, announces a security update for RSA Authentication Agent 7.0 for Web, which addresses a potential directory traversal vulnerability

Vulnerability Type Path Traversal (CWE-22)