CVE-2012-2281

RSA Access Manager Agent - Authentication Bypass

Title source: rule

Description

EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.

References (2)

Scores

EPSS 0.0033
EPSS Percentile 55.2%

Classification

CWE
CWE-287
Status draft

Affected Products (6)

rsa/access_manager_agent
rsa/access_manager_server
rsa/access_manager_server
rsa/access_manager_server
rsa/access_manager_server
rsa/access_manager_server

Timeline

Published Jul 05, 2012
Tracked Since Feb 18, 2026