CVE-2006-7199
EMC RSA Security SiteKey - Man-in-the-Middle Image Display Spoofing
Title source: llmDescription
EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is easier to monitor this attack than "attacks against static web pages."
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://www.cr-labs.com/publications/WhySiteKey-20060824.pdf
Various Sources x_refsource_misc
http://www.cr-labs.com/publications/SiteKey-20060718.pdf
Various Sources x_refsource_misc
http://www.networkworld.com/newsletters/sec/2007/0402sec2.html
Scores
EPSS
0.0041
EPSS Percentile
61.6%
Details
Status
published
Products (1)
emc/rsa_security_sitekey
Published
Apr 30, 2007
Tracked Since
Feb 18, 2026