Description
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-10/0115.html
Scores
EPSS
0.0030
EPSS Percentile
53.7%
Details
CWE
CWE-264
Status
published
Products (2)
emc/rsa_authentication_agent
7.1
emc/rsa_authentication_agent
7.1.1
Published
Oct 25, 2013
Tracked Since
Feb 18, 2026