Vulnerabilities > RSA > Authentication Agent FOR WEB

DATE CVE VULNERABILITY TITLE RISK
2018-03-30 CVE-2018-1234 Information Exposure vulnerability in RSA Authentication Agent for web 8.0/8.0.1
RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users.
local
low complexity
rsa CWE-200
5.5
5.5
2018-03-30 CVE-2018-1233 Cross-site Scripting vulnerability in RSA Authentication Agent for web 8.0/8.0.1
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability.
network
low complexity
rsa CWE-79
6.1
6.1
2018-03-30 CVE-2018-1232 Out-of-bounds Write vulnerability in RSA Authentication Agent for web 8.0/8.0.1
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats.
network
low complexity
rsa CWE-787
7.5
7.5
2017-11-29 CVE-2017-14377 Improper Authentication vulnerability in RSA Authentication Agent for web 8.0/8.0.1
EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.
network
low complexity
rsa CWE-287
critical
 9.8
9.8