CyberSec.Space Logo
Back to CVE Browser

CVE-2017-14378

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1760%
EPSS Percentile6.75th
PublishedNov 29, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Emc

Rsa Authentication Agent Api For C

= 8.5
πŸ“¦
Emc

Rsa Authentication Agent Sdk For C

= 8.6

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2017/Nov/48
πŸ”— http://www.securityfocus.com/bid/101979
πŸ”— http://www.securitytracker.com/id/1039877
πŸ”— http://seclists.org/fulldisclosure/2017/Nov/48
πŸ”— http://www.securityfocus.com/bid/101979
πŸ”— http://www.securitytracker.com/id/1039877

Related Vulnerabilities

CVE-2013-09412.1

EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, R...

CVE-2017-766410.0

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

CVE-2017-1026910.0

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2017-1129110.0

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists tha...