1.5
CVE-2010-3321
- EPSS 0.26%
- Veröffentlicht 07.10.2010 21:00:01
- Zuletzt bearbeitet 16.06.2026 23:22:34
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rsa ≫ Authentication Client Version2.0
Rsa ≫ Authentication Client Version3.0
Rsa ≫ Authentication Client Version3.5.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.174 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.5 | 2.7 | 2.9 |
AV:L/AC:M/Au:S/C:P/I:N/A:N
|
http://www.securityfocus.com/archive/1/514153/100/0/threaded
http://www.securityfocus.com/bid/43795