CVE-2008-2027

Published: Apr 30, 2008Modified: Apr 23, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url parameter to a Redirect action.

Affected (1)

Products: Rsa: Authentication Agent

1 product

Authentication Agent

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Rsa Authentication Agent	Version 5.3.0.258

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://securityreason.com/securityalert/3850

Source: cve@mitre.org

http://www.procheckup.com/Vulnerability_PR07-43.php

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/491237/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/28907

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42184

Source: cve@mitre.org

http://securityreason.com/securityalert/3850

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.procheckup.com/Vulnerability_PR07-43.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/491237/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/28907

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/42184

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.