Authentication Agent For Web

authentication_agent_for_web

Vendor: Rsa • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-1234 1Rsa 1Authentication Agent For Web Nov 21, 2024 Mar 30, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users....Show more RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent.Show less
CVE-2018-1233 1Rsa 1Authentication Agent For Web Nov 21, 2024 Mar 30, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute ar...Show more RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website.Show less
CVE-2018-1232 1Rsa 1Authentication Agent For Web Nov 21, 2024 Mar 30, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid fo...Show more RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation.Show less
CVE-2017-14377 1Rsa 1Authentication Agent For Web May 13, 2026 Nov 29, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to au...Show more EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.Show less
CVE-2010-3261 1Rsa 1Authentication Agent For Web Apr 29, 2026 Sep 24, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors.
CVE-2005-4734 1Rsa 1Authentication Agent For Web Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect...Show more Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.Show less
CVE-2005-3329 1Rsa 1Authentication Agent For Web Apr 16, 2026 Oct 27, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation.
CVE-2005-1118 1Rsa 1Authentication Agent For Web Apr 16, 2026 Apr 14, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.