1.5
CVE-2010-3321
- EPSS 0.05%
- Veröffentlicht 07.10.2010 21:00:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
LoginRSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rsa ≫ Authentication Client Version2.0
Rsa ≫ Authentication Client Version3.0
Rsa ≫ Authentication Client Version3.5.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.135 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.5 | 2.7 | 2.9 |
AV:L/AC:M/Au:S/C:P/I:N/A:N
|