Vulnerabilities > CVE-2017-14378 - Unspecified vulnerability in EMC products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

emc

critical

NVD

Published: 2017-11-29

Updated: 2019-10-03

Summary

EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Emc EMC RSA Authentication Agent SDK FOR C 8.6 EMC RSA Authentication Agent API FOR C 8.5	2

References

http://seclists.org/fulldisclosure/2017/Nov/48
http://www.securitytracker.com/id/1039877
http://www.securityfocus.com/bid/101979