CVE-2008-2027

RSA Authentication Agent 5.3.0.258 - Open Redirect

Title source: llm
STIX 2.1

Description

Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url parameter to a Redirect action.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42184
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28907
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3850
Various Sources x_refsource_misc
http://www.procheckup.com/Vulnerability_PR07-43.php
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/491237/100/0/threaded

Scores

EPSS 0.0112
EPSS Percentile 62.4%

Details

CWE
CWE-200
Status published
Products (1)
rsa/authentication_agent 5.3.0.258
Published Apr 30, 2008
Tracked Since Feb 18, 2026