CVE-2013-0941
First published: Wed May 22 2013(Updated: )
EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RSA Authentication API | <=8.1 | |
| RSA SecurID Web Agent | <=5.3.4 | |
| Apache HTTP server | ||
| Microsoft Internet Information Server | ||
| Rsa Pluggable Authentication Module Agent | <=6.0 | |
| RSA Authentication Agent | <=6.1.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/tags
- agent/author
- agent/description
- agent/event
- vendor/rsa
- canonical/rsa authentication api
- version/rsa authentication api/8.1
- canonical/rsa securid web agent
- version/rsa securid web agent/5.3.4
- vendor/apache
- canonical/apache http server
- vendor/microsoft
- canonical/microsoft internet information server
- canonical/rsa pluggable authentication module agent
- version/rsa pluggable authentication module agent/6.0
- canonical/rsa authentication agent
- version/rsa authentication agent/6.1.3
- canonical/microsoft windows